OCTOBER  13, 2008 

VOL.  42,  NO.  41  S5/C0PY 


News  Analysis 

Solid-state  storage  is 
promising,  IT  execs 
say.  Too  bad  its  cost 
is  still  prohibitive  for 
many  of  them,  page  12 


Excel  may  turn  out  to 
be  Microsoft’s  ace  in 
the  hole  on  business 
intelligence,  page  16 


the  grill:  ‘Privacy  is 
dead.  Get  over  it,’  says 
private  eye  Steven 
Rambam.  page  18 


Opinion 

Microsoft  a  player 
in  high-performance 
computing?  Steven 
J.  Vaughan-Nichols 
doesn’t  buy  it.  page  22 

Careers 

Control  freaks  can 
actually  make  good 
bosses  -  if  they’re 
self-aware,  page  47 


Don’t  Miss . . . 

You  can’t  manage 
creativity,  but  you 
can  manage  for  it. 
Harvard’s  Mukti  Khaire 
tells  how.  PAGE  30 


m  ASTER 
\lvr%i bn  A 
ftdtraJ 


■  NEWS  DIGEST 

6  AMD  spins  off  ifs  chip  plants, 

hoping  to  regain  a  competitive  edge 
against  Intel.  |  Microsoft  says  it 
will  continue  shipping  Windows  XP 
to  PC  makers  through  next  July. 


8  SAP  blames  the  world  financial 
crisis  for  a  sudden  drop-off 
in  its  sales.  |  A  review  of  H-1B 
visa  applications  finds  fraud  or 
“technical  violations”  in  27% 
of  cases  involving  computer 
professionals. 

10  UPS  is  testing  a 
mobile  device  to  track 
truck  speeds  and 
idle  times  and  to  help 
drivers  maintain  their 
schedules. 

■  NEWS  ANALYSIS 


12  Solid  State  Not  Yet  on  Solid 


Ground.  IT  managers  are  starting 
to  see  the  potential  benefits  of  solid- 
state  storage  technology,  but  they 
remain  cool  to  adopting  it  because  of 
the  upfront  cost. 


16  Microsoft 
Looks  to  Unlock 
Door  to  Wider  Bl 
Use.  The  software 
vendor  is  working  to 
scale  up  SQL  Server 
to  support  larger  data 
warehouses,  and  it 
wants  to  use  Excel  to 
“democratize”  Bl. 


2  Editor’s  Note:  Don  Tennant 

thinks  help  should  be  available  to 
people  with  Asperger’s  syndrome 
because  they  deserve  the  happiness 
that  comes  from  serving  and  uplifting 
others. 


22  Steven  J.  Vaughan-Nichols 

isn’t  buying  Microsoft  as  a  vendor  of 
reliable  high-performance  computing 
technology. 

44  Paul  Glen  isn’t  sure  that  experi¬ 
ence  is  all  it’s  cracked  up  to  be.  He 
has  some  thoughts  about  the  love- 
hate  relationship  so  many  IT  manag¬ 
ers  have  with  the  concept. 

50  Frankly  Speaking:  Frank 
Hayes  urges  IT  departments  to  re¬ 
main  visible  to  their  business  leaders 
as  their  budgets  get  slashed. 


GOMPUTERWORLD  ■  OCTOBER  13,  2008 


BRIAN  STAUFFER 


■  FEATURES 

!  24  The  Trouble  With 
:  Telecommuting 

COVER  STORY:  Working  from  home  is  gaining  in  popular- 
|  ity,  but  before  you  say  yes  to  telework,  make  sure  you’ve 

asked  yourself  and  your  employees  these  tough  questions. 


30  The  Creativity 
Conundrum 

Q&A:  You  can’t  manage  creativity, 
but  you  can  create  an  environment 
that  will  nurture  it.  Harvard  Busi¬ 
ness  School  professor  Mukfi  Khaire 
explains  how. 


36  When  the  Watchdog 
Is  the  Underdog 

The  security  sector  is  plagued  with  problems, 
from  bad  guys  and  bad  buys  to  weak  budgets 
and  weak  workers.  Here  are  some  tactics 
for  dealing  with  those 
common  trouble 
spots. 


■  DEPARTMENTS 


18  The  Grill:  Private  eye  Steve 
Rambam  talks  about  what  he  does, 
how  IT  makes  it  possible  and  why 
he's  not  the  one  you  should  be 
worried  about. 

42  Security  Manager’s 
Journal:  Patching  Pro¬ 
gram  Still  Under  Fire. 

Having  allies  on  the  busi¬ 
ness  side  helps,  but  the  sysadmins 
who  will  have  to  do  the  work  remain 
unconvinced  that  it’s  worth  the  effort. 


47  Career  Watch:  It’s  not  just  you 
-  the  entire  workforce  is  aging;  why 
you  might  prefer 
to  work  for  a 
control  freak;  and 
what  ever  happened 
to  the  class  of ’93? 

49  Shark  Tank: 

OK,  I  said  you  can’t 

change  the  IP  address, 
not  that  you  couldn’t 
override  it. 


■  ALSO  IN  THIS  ISSUE 


Letters 

4 

Company  Index 

49 

V 


'^qcdaort 


wma 


.mm 


wav 


re  not  just  new  forms  of  data 


Integrate  data  like  never  before, 
SQL  Server  2008  provides  built-in 
vuVCmmutebnc,  or  ■ ;  Cvrcrfwmats:, 

Manage  data  like  never  before. 
New  built-in  data  -compression 
p'Pf  V  V  UMpb  P;  1  Upp/V V  '  v ; V 
of  data  with  increased  performance. 

Deliver  data  like  never  before. 

,{  m  fOQS  Integrates  with 
familiar  Microsoft  Office  applications. 


new  form  of  e  ergy 

Introducing  Microsoft®  SQL  Server®2008.  Harness  the  power  of  the  data  explosion. 
The  number  of  data  formats  you  have  to  deal  with,  along  with  the  sheer  volume 
of  data,  has  exploded  in  the  fast  few  years.  With  new  SQL  Server  2008,  you  can  harness 
the  untapped  power  of  that  data  explosion  by  integrating,  managing,  and  delivering  that 
power  for  your  end  users  like  never  before,  See  the  power  you  can  give  end  users  at 
SQ  rverEnergy.com 

Microsoft 


COMPmEBWORLD.COM 

TTusWeek 

Online 

Find  these  stories  at 
computerworld.com/more 


Blog  Spotlight 

Vista  R.I.P. 

Steven  J.  Vaughan-Nichois:  Microsoft’s 
actions  have  made  it  clear:  Vista  is  on  its 
way  to  the  Microsoft  junkyard,  next  to  simi¬ 
lar  failures  such  as  Windows  ME  and  Microsoft  Bob. 

Google  Chrome  =  Dead, 

Google  Search  =  Hot 

John  Brandon:  Google’s  browser  has  now 
almost  become  inconsequential,  a  bright  blip 
that  has  faded  faster  than  John  Brandon’s  summer  tan.  | 

Backing  the  Claim 
That  Voting  Systems 
,  Are  Inherently  Insecure 

Sharon  Machlis:  It’s  not  a  matter  of  tin-foil 
hats,  partisan  politics,  evil  intent  or  inepti¬ 
tude.  It’s  basic  computer  system  design:  Lack  of  a  paper  trail  j 
makes  any  voting  system  unsafe. 

\  i 

\  / 


Stop  Ignoring  Your 
Phone’s  Inner  Map 

Mike  Elgan:  You  paid  extra  for  the 
GPS  feature  in  your  cell  phone,  so  why 
aren’t  you  using  it? 


Usenet:  Not  Dead  Yet 

Major  ISPs  are  cutting  off  access  to  Usenet  communities. 
But  that  doesn’t  necessarily  mean  we’re  witnessing  the  final 
years  of  one  of  the  oldest  online  communication  systems. 


i  Microsoft:  Bad  Things 
/  Mml  Happen  to  Firms  That 
^C_  J  Use  Unlicensed  Windows 


The  IT  Worker’s 
Wall  Street 
Meltdown 
Worry  List 

Some  questions  -  and 
answers  -  about  your  job 
and  your  future. 


A  company-sponsored  report  says  counterfeit  software 
leads  to  system  failures,  lost  data  and  other  problems. 


Researcher  Finds  Evidence  of 
Massive  Site  Compromise 


The  person  who  discovered  the  problem  is  working  with  law 
enforcement  agencies  and  orga¬ 
nizations  such  as  the  CERT 
Coordination  Center  to  tell 
site  operators  in  Fortune 
500  firms  and  else¬ 
where  that  they  need 
to  change  their  admin¬ 
istrative  passwords, 
purge  the  malicious  code 
and  secure  their  sites. 


mmhsm 


Fish  is  charged  with  remotely  installing  new 
software  for  a  stock  brokerage  house.  But  come 
Monday  morning,  one  trader  can’t  find  the  program’s 
shortcut  icon  where  it’s  supposed  to  be. 


ONLINE  DEPARTMENTS 

Breaking  News 

computerworld.com/news 

Newsletter  Subscriptions 

computerworld.com/newsletters 

Knowledge  Centers 

computerworld.com/topics 

ZURICH 


One  global  insurance  program 
for  your  expanding  business. 
Even  for  places  you've  never  been. 

Zurich  HelpPoint  is  here  when  you  need  more  than  just  insurance.  So  we  offer  the 
Zurich  Multinational  Insurance  Proposition  (MIP)*.  It  helps  you  keep  global  insurance 
programs  compliant  when  you  expand  your  business  to  a  new  market  and  expose 
yourself  to  new  risks.  The  strength  of  Zurich  MIP  lies  in  a  transparent  and  thorough 
set  of  solutions  for  writing  and  maintaining  global  insurance  programs  in  over  170 
countries.  Our  game-changing  solution  can  help  you  sleep  better  at  night,  no  matter 
the  time  zone.  For  more  details  about  Zurich  HelpPoint,  visit  www.zurich.com 


Here  to  help  your  world. 


Because  change  happenz 


In  the  United  States,  coverages  are  underwritten  by  member  companies  of  Zurich  in  North  America,  including  Zurich  American  Insurance  Company.  Certain  coverages  not  available  in  all  states.  Some  coverages  may 

be  written  on  a  non-admitted  basis  through  licensed  surplus  lines  brokers.  Risk  engineering  sen/ices  are  provided  by  Zurich  Services  Corporation,  'patent  pending. 


p 


M  EDITOR’S  NOTE 

Don  Tennant 


Elusiveness  of  Joy 


THE  COLUMN  1  wrote  last  week,  titled  “Asperger’s 
Oxymoron,”  offended  some  readers  because  of  my 
contention  that  the  contributions  that  Aspies  can 
make  to  society  are  necessarily  undermined  by  the 
degree  to  which  they  are  withdrawn  from  society  My  belief 
that  isolation  is  detrimental  to  the  human  spirit  and  to  the 


advancement  of  the  human 
race  isn’t  a  particularly 
popular  notion. 

There  are  many  dimen¬ 
sions  to  isolation.  One  that 
seems  to  be  particularly 
common  among  Aspies  is 
a  detachment  from  social 
norms  that,  rather  than 
manifesting  itself  as  en¬ 
dearing  nonconformity, 
tends  to  be  more  of  an 
oblivious  self-centeredness. 
The  focus  is  inward,  rather 
than  outward.  Take  Rich¬ 
ard  Stallman. 

I  mentioned  last  week 
that  Stallman,  founder  of 
the  Free  Software  Founda¬ 
tion,  had  referred  to  him¬ 
self  in  a  2000  interview  as 
being  “borderline  autistic.” 
While  he  shied  away  from 
that  assessment  in  my  in¬ 
terview  with  him  in  July, 
Stallman  did  acknowl¬ 
edge  that  he  suspected  he 
had  a  “shadow”  form  of 
Asperger’s. 

I  knew  very  little  about 
the  disorder  at  the  time, 
but  it  did  strike  me  that  he 
appeared  to  be  somewhat 
eccentric  and  glaringly 
devoid  of  social  grace.  I 
thought  it  was  cool  that  he 
felt  comfortable  enough 


to  meet  me  in  his  stock¬ 
ing  feet,  so  that  was  fine. 
But  during  the  course  of 
the  interview,  there  was 
an  inescapable  rudeness. 
Just  little  things.  It’s  no 
big  deal,  for  example,  that 
throughout  a  meeting  that 
lasted  nearly  two  hours,  he 
sipped  from  a  large  mug 
but  never  offered  me  so 
much  as  a  drink  of  water. 
It’s  just  that  it  clearly  dem¬ 
onstrates  an  inward  rather 
than  an  outward  focus. 

The  interview,  and  ex¬ 
tensive  subsequent  e-mail 
correspondence  with 
Stallman,  reinforced  a 
conclusion  I’d  drawn  from 
a  2002  biography  I’d  read 
to  prepare  for  our  discus¬ 
sion:  Stallman  is  not  a 
happy  person.  There  was 
a  certain  melancholy  that 
I’ve  since  observed  in  other 
people  who  identify  them- 

■  In  Aspies,  there’s 
a  detachment  from 
social  norms  that 
is  more  oblivious 
self-centeredness 
than  endearing 
nonconformity. 


selves  as  Aspies.  In  fact, 
I’ve  observed  through  my 
untrained  eye  that  Aspies 
can  be  content  in  a  certain 
environment,  but  real  hap¬ 
piness  seems  to  elude  them. 
Is  that  conclusion  off-base? 

For  a  reality  check,  I 
e-mailed  Barbara  Bisson- 
nette,  principal  at  Forward 
Motion  Coaching  in  West 
Boylston,  Mass.  She  pro¬ 
vides  career  counseling  for 
adults  with  Asperger’s. 

“I  wouldn’t  say  they  are 
inflrently  unhappy  people,” 
Bissonnette  replied.  “Most 
have  had  lifetimes  of  not  fit¬ 
ting  in,  being  ostracized/ 
marginalized  and  hearing 
about  everything  they  do 
‘wrong.’ . . .  The  fact  that 
it’s  a  hidden  disability 
compounds  the  problem 
because  people  don’t  realize 
that  some  of  the  unusual 
behaviors  of  an  Aspie  are 
not  intended  to  be  rude.” 

That  the  rudeness  may 
not  be  intentional  doesn’t 
make  it  any  less  off-putting. 
I  recently  received  an 
e-mail  from  Roy  Brander 
in  Calgary,  Alberta,  who 
wrote  that  when  he  was 
president  of  the  Calgary 
Unix  Users  Group,  he  in- 


2  C0MPUTERW0RLD  OCTOBER  13,  2008 


vited  Stallman  to  speak. 
Stallman  agreed  and  asked 
to  stay  at  a  member’s  home 
rather  than  at  a  hotel. 

“The  guy  who  hosted 
him  vowed,  ‘Never 
again,’  ”  Brander  wrote, 
adding  that  it’s  impos¬ 
sible  to  spend  time  with 
Stallman  “and  not  think 
‘Asperger’s  syndrome.’  ” 

He  noted  that  while  Stall¬ 
man’s  legendary  inflexibil¬ 
ity  can  be  forgiven  because 
it  “may  have  hard-wired 
neurological  roots,”  his 
intransigence  is  marginal¬ 
izing  him  within  the  free 
software  movement. 

I’m  now  convinced  that 
Stallman  has  far  more  than 
a  “shadow”  form  of  Asperg¬ 
er’s.  I’m  also  convinced 
that  his  relentless  free 
software  advocacy  is  driv¬ 
en  by  a  personal  distaste 
for  proprietary  software, 
rather  than  by  any  interest 
in  advancing  the  well-being 
of  others.  Hence  Stallman’s 
joyless  demeanor. 

Whether  or  not  the  elu¬ 
siveness  of  joy  among  Asp¬ 
ies  is  inherent,  it  remains 
painfully  apparent.  What 
brings  true  happiness  is 
serving  and  uplifting  other 
people  —  looking  outward 
rather  than  inward.  Aspies 
deserve  that  happiness, 
and  they  should  receive 
whatever  assistance  is 
needed  to  bring  it  about.  ■ 
Don  Tennant  is  editorial 
director  of  Computerworld 
and  InfoWorld.  Contact 
him  at  don_tennant@ 
computerworld.com,  and 
visit  his  blog  at  http:// 
blogs.computerworld.com/ 
tennant.  ^ 


Insurance 

Risk  Management 


We  provide  claims  handling  specialists  for 

those  not-so-special  moments. 

Zurich  HelpPoint  is  here  when  you  need  more  than  just  insurance.  That's  why  the 
moment  you  need  help,  we  engage  a  deeply  experienced  claims  team  with  an 
understanding  of  your  company  and  your  specific  needs.  They  can  quickly  assess 
the  damage  and  start  the  recovery  process  right  away.  We  understand 
that  besides  repairing  physical  damage,  a  quick  response  restores  what  you  need 
just  as  much;  your  confidence.  For  more  details  about  Zurich  HelpPoint, 

visit  www.zurich.com 

Here  to  help  your  world. 


10. 4  0* 

ZURICH 

Because  change  happenz 


In  the  United  States,  coverages  are  underwritten  by  member  companies  of  Zurich  in  North  America,  including  Zurich  American  Insurance  Company.  Certain  coverages  not  available  in  all  states.  Some  coverages  may 

be  written  on  a  non-admitted  basis  through  licensed  surplus  lines  brokers.  Risk  engineering  services  are  provided  by  Zurich  Services  Corporation 


f 


COMPUTERWORLD 

P.O.  Box  9171, 1  Speen  Street 
Framingham,  MA  01701 
(508)  879-0700 

Computerworld.com 

■  EDITORIAL 

Editorial  Director  Don  Tennant 
Editor  in  Chief  Scot  Finnie 

Executive  Editors  Mitch  Betts, 

Julia  King  (events) 

Managing  Editors  Michele  Lee  DeFilippo 
(production),  Sharon  Machlis  (online), 

Ken  Mingis  (news) 

Design  Director  Stephanie  Faucher 

Features  Editors  Kathleen  Melymuka, 

Valerie  Potter,  Ellen  Fanning  (special  reports), 
Barbara  Krasnoff  (reviews) 

Senior  Editors  Johanna  Ambrosio  (channels), 
Mike  Barton  (new  media),  Joyce  Carpenter 
(blogs  and  projects) 

Senior  News  Editor  Craig  Stedman 
News  Editors  Mike  Bucken,  Marian  Prokop 

National  Correspondents  Gary  Anthes, 
Thomas  Hoffman,  Julia  King,  Robert  L.  Mitchell 

Reporters  Sharon  Gaudin,  Matt  Hamblen, 
Heather  Havenstein,  Gregg  Keizer,  Eric  Lai,  Patrick 
Thibodeau,  Jaikumar  Vijayan,  Todd  R.  Weiss 

Video  Editor  David  Ramel 

Channel  Editors  Johanna  Ambrosio  (servers 
and  data  centers),  Lucas  Mearian  (storage), 

David  Ramel  (networking  and  Internet) 

Assistant  Managing  Editor  Bob  Rawson 
(production) 

Senior  News  Columnist  Frank  Hayes 
Art  Director  April  O'Connor 

Research  Manager  Mari  Keefe 

Senior  Copy  Editors  Eugene  Demaitre, 

Monica  Sambataro 

Copy  Editor  Donna  Sussman 

Associate  Editor,  Community  Ken  Gagnd 
Office  Manager  Linda  Gorgone 

Contributing  Editors  Jamie  Eckle, 

Preston  Gralla,  Tracy  Mayor 

■  CONTACTS 

Phone  numbers,  e-mail  addresses  and 
reporters’  beats  are  available  online  at 
Computerworld.com  (see  Contacts  link 
at  the  bottom  of  the  home  page). 

Letters  to  the  Editor  Send  to  letters® 
computerworld.com.  Include  an  address  and 
phone  number  for  immediate  verification. 

Letters  will  be  edited  for  brevity  and  clarity. 

News  tips  newstips@computerworld.com 
Subscriptions  and  back  issues  (888)  559- 
7327.  cw@omeda.com 
Reprints/permissions  The  YGS  Group, 

(800)  290-5460,  ext.  150,  computerworld® 
theygsgroup.com 


■  LETTERS 


Security  Efforts  Need 
Widespread  Support 

I  read  J.F.  Rice’s  Sept.  22  Security 
Manager’s  Journal,  “Making  En¬ 
emies,  but  Needing  Allies,”  with 
great  empathy.  In  my  experience, 
making  change  internally  is  almost 
impossible  unless  you  can  identify 
SWIFT  —  Specifically  What’s  In 
It  For  Them.  Unless  you  can  find  a 
few  goodies  for  the  other  depart¬ 
ments,  they  may  well  see  war  as  the 
preferred  choice. 

■  Dick  Benton,  principal  consultant, 
GlassHouse  Technologies  Inc., 
Framingham,  Mass., 
dbenton@glasshouse.com 

J.F.  Rice  is  approaching  the  matter 
of  security  from  the  wrong  angle. 
He  needn’t  seek  allies.  Getting 
people  within  other  IT  groups  to  do 
their  jobs  isn’t  his  responsibility. 

A  security  manager’s  expertise 
is  infosec  technology,  but  the  re¬ 
sponsibility  for  corporate  informa¬ 
tion  security  belongs  to  the  CIO 
and  other  executive  officers.  Hope¬ 
fully,  Rice’s  fledgling  group  exists 
because  executives  have  become 
aware  that  they,  not  the  security 
manager,  are  personally  liable  for 
IT  security.  It  is  the  CIO’s  responsi¬ 
bility  to  get  buy-in,  not  the  security 
manager’s  to  try  to  build  a  security 
program  using  a  grass-roots  ap¬ 
proach  within  IT.  If  your  organiza¬ 
tion  lacks  this,  there  is  no  way  that 
your  group  can  ever  be  effective, 
and  you  should  seek  another  posi¬ 
tion  that  isn’t  a  career-killer. 

After  a  few  meetings,  it  should 
become  obvious  to  all  competent 
technical  professionals  that  devel¬ 
oping  and  implementing  a  security 
program  is  in  their  own  best  in¬ 
terests.  It  provides  a  way  to  clean 
up  every  daily  operational  issue 
that  they’ve  been  wrestling  with.  If 
done  well,  it  eliminates  most  of  the 
frustrations  and  roadblocks  that 
have  stymied  them  in  the  past.  And 
in  contrast,  opposing  a  program 
that  has  management  endorsement 
is  usually  a  ticket  to  a  fast  trip  out 
the  door. 


4  COMPUTERWORLD  OCTOBER  13,  2008 


One  other  point:  If  an  organization 
thinks  of  IT  security  as  a  separate 
layer  on  top  of  an  existing  operation, 
it  isn’t  getting  full  value  from  its 
technology  investment.  IT  is  about 
managing  information.  If  you  aren’t 
using  it  as  an  enabler  and  a  profit¬ 
able  resource  for  the  company,  you 
don’t  get  it,  either. 

■  Paul  Schmied, 

Arlington  Heights,  III. 

Let  Web  2.0  Transform 
Business  Apps 

Computer-world’s  Sept.  1  Spotlight 
on  business  intelligence  provid¬ 
ed  insight  into  the  potential  of 
Web  2.0  to  revolutionize  usability 
of  business  applications.  Until 
organizations  can  provide  business 
users  with  applications  that  are 
as  easy  to  use  as  consumer  prod¬ 
ucts,  well  never  resolve  the  dis¬ 
connect  with  IT.  So  the  question 
is,  Why  has  business  technology 
lagged  so  far  behind  consumer 
technology? 

When  Apple  introduced  the 
iPod  and  the  iPhone,  it  trans¬ 
formed  consumer  expectations. 
Web  2.0  similarly  transforms  what 
business  information  consumers 
should  expect  from  business  ap¬ 
plications  and  from  IT,  but  the  in¬ 
dustry  needs  to  deliver  upon  those 
expectations. 

Web  2.0  technology  can  provide 
unprecedented  user  empowerment 
through  easier  ways  to  access, 
combine  and  personalize  data.  It 
provides  users  with  deeper  insight 
through  rich  visualization  such  as 
panoptic  views  (e.g.,  Google  Earth) 
and  multilayered  visualization 
(traffic  info  layered  on  top  of  street 
and  terrain  views).  It  provides  new 
ways  to  share  and  collaborate, 
from  instant  messaging  to  wikis. 
And  it  fundamentally  changes  the 
economics  of  delivering  applica¬ 
tions  through  cloud  computing 
and  SaaS. 

Thank  you  for  bringing  attention 
to  this  very  interesting  issue. 

■  Dale  Skeen ,  founder  and  CTO, 
Vitria  Technology,  Sunnyvale,  Calif. 


\ 


'  m'14 


Mm 


ibm.com  are  trademarks  of  International  Business  Machines  Corporation,  registered  in  many  jurisdictions  wortdvrideC% 
:  “Copyright  and  trademark  information"  at  www.ibm.com/lega/copytrade.shtml.  ©  2008  IBM  Corporation.  All  rights  resei 


IBM,: 


currer 


The  Foundry  will 
fake  over  AMD’s 
plan  to  build  this 
plant  in  Malta, 
N.Y.,  which  will 
eventually  employ 
1,465  workers. 


HARDWARE 


Struggling  AMD  Spins 
Off  Its  Fab  Operations 


Advanced  micro 

Devices  Inc.’s  move  to 
spin  off  its  manufac¬ 
turing  operations  generated 
praise  from  analysts  and 
questions  from  Intel  Corp. 
about  whether  it  violates  a 
cross-licensing  agreement 
between  the  two  companies. 

Sunnyvale,  Calif.-based 
AMD  last  week  announced 
it  is  spinning  off  its  fabrica¬ 
tion  operations  into  a  new 
firm,  temporarily  called  The 
Foundry  Co.,  to  cut  costs  and 
gain  an  infusion  of  capital. 

Advanced  Technology  In¬ 
vestment  Co.  (ATIC),  based 
in  Abu  Dhabi,  United  Arab 
Emirates,  paid  $2.1  billion 


for  a  majority  stake  in  the 
new  firm.  Co-owner  AMD 
will  retain  a  44.4%  stake. 

ATIC,  wholly  owned  by 
the  Abu  Dhabi  government, 
will  spend  between  $3.6  bil¬ 
lion  and  $6  billion  over  the 
next  five  years  to  expand  the 
firm’s  chip-making  capac¬ 
ity,  said  Doug  Grose,  CEO 
of  The  Foundry.  Grose  had 
been  senior  vice  president  of 
manufacturing  and  supply 
chain  management  at  AMD. 

Meanwhile,  Intel  said  it 
plans  to  evaluate  the  terms 
of  the  AMD-ATIC  agree¬ 
ment  to  determine  how  the 
deal  would  affect  the  licens¬ 
ing  pact,  which,  among  other 


THE  WEEK  AHEAD 

MONDAY:  Computerworid’ s  fall  Storage  Networking  World 
conference  opens  in  Dallas.  Gartner’s  Symposium/ITxpo 
2008  also  starts  today,  in  Orlando. 

TUESDAY:  Microsoft  plans  to  issue  11  software  updates 
-  four  rated  critical  -  as  part  of  its  monthly  batch  of  security 
fixes.  Also,  Apple  is  expected  to  announce  new  notebook  PCs. 

THURSDAY:  IBM,  Google  and  AMD  all  plan  to  report  their 
Q3  financial  results.  Intel’s  earnings  report  is  due  Tuesday. 


things,  lets  AMD  use  Intel’s 
x86  processor  architecture. 

An  AMD  spokesman  said 
the  company  structured  the 
spin-off  “in  a  way  that  takes 
into  account  all  our  licens¬ 
ing  agreements  to  ensure 
The  Foundry  will  be  able  to 
manufacture  all  of  AMD’s 
products.” 

Despite  the  potential  li¬ 
censing  problem,  analysts 
said  the  deal  could  rejuve¬ 
nate  AMD  after  two  years 
of  struggles.  “The  industry 
will  be  dealing  with  an 
AMD  that’s  a  good  deal 
more  nimble,  because  they 
won’t  be  dealing  with  the 
same  financial  burdens  or 
the  fab  plants,”  said  Dean 
McCarron,  president  of 
Mercury  Research  in  Cave 
Creek,  Ariz. 

Early  in  the  decade,  AMD 
had  grabbed  a  solid  footing 
in  the  market,  and  analysts 
cited  its  success  as  a  reason 
Intel  floundered  between 
2003  and  2005. 

Intel  responded  in  2006 
with  a  reorganization  that 
curbed  AMD’s  momentum. 
After  that,  AMD  stumbled 
further  under  the  weight  of 
its  $5.4  billion  purchase  of 
ATI  Technologies  Inc.  and 
its  delayed  Barcelona  chip. 

In  July,  after  AMD’s  sev¬ 
enth  straight  quarterly  loss, 
Dirk  Meyer  replaced  Hector 
Ruiz  as  CEO.  Ruiz  last  week 
was  named  chairman  of  The 
Foundry. 

—  Sharon  Gaudin 


has 

thrown  another  lifeline  to 
Windows  XP  users,  extend¬ 
ing  by  six  months  its  cutoff 
date  for  stopping  shipments 
of  the  seven-year-old  oper¬ 
ating  system  to  PC  vendors. 

Hardware  makers  that 
offer  “downgrades”  from 
Windows  Vista  Business  or 
Vista  Ultimate  will  now  be 

More  than  a  third 
of  new  PCs  are  being 
downgraded  to  XP, 
according  to  Devil 
Mountain  Software. 

able  to  get  copies  of  XP  Pro¬ 
fessional  through  the  end 
of  next  July,  Microsoft  said. 
Previously,  it  had  planned  to 
halt  XP  shipments  Jan.  31. 

Microsoft  stopped  retail 
sales  and  regular  licensing 
Of  XP  on  June  30.  But  it 
maintained  the  downgrade 
option,  which  lets  PC  ven¬ 
dors  install  XP  Professional 
and  give  users  copies  of 
Vista  for  possible  future  use. 

XP  may  be  available  long 
past  next  July  if  vendors 
stockpile  it.  “Downgrade 
rights  do  not  expire,”  a  Mi¬ 
crosoft  spokeswoman  said. 

-GREGG  KEIZER 


6  C0MPUTERW0RLD  OCTOBER  13,  2008 


IBM's  Smart  SOA  approach  can  help  you  increase  control  and  visibility  of 
your  business  processes  while  limiting  your  carbon  impact.  With  IBM’s  help, 
companies  like  Citigroup  have  reduced  application-processing  time  from  two 
weeks  to  two  days.  Efficiency  goes  up.  Energy  costs  go  down.  A  greener 
world  starts  with  greener  business.  Greener  business  starts  with  IBM. 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD 

See  our  Webcast  on  greener  processes  at  ibm.com/green/soa 


'  6  S  (13 

. 

)>  jU’vl  t‘( >i  potation.  All  right;  renwvHii 


NEWS  DIGEST 


Short 


IT  SPENDING 

SAP  Says  Q3  Sales  Hit  by 
Crisis  in  Financial  Markets 


SAP  AG  last  week 
warned  that  its 
third-quarter 
financial  results 
will  be  below  expectations 
because  of  a  sales  drop-off 
in  late  September  —  a  sur¬ 
prise  occurrence  that  the 
software  vendor  blamed  on 
the  turmoil  in  the  world’s 
financial  markets. 

In  a  preliminary  third- 
quarter  announcement, 
SAP  said  that  concern 
among  corporate  users 
over  the  financial  melt¬ 
down  “triggered  a  very 
sudden  and  unexpected 
drop  in  business  activity  at 
the  end  of  the  quarter 


SAP,  which  is  scheduled 
to  report  its  full  results  on 
Oct.  28,  now  expects  soft¬ 
ware  and  related  services 
revenue  to  total  between 
€1.97  billion  and  €1.98  bil¬ 
lion  (about  $2.7  billion  U.S.). 
That  would  be  an  increase 
of  as  much  as  14%  over  last 
year  but  less  than  the  com¬ 
pany  had  been  expecting. 

Henning  Kagermann, 
SAP’s  co-CEO,  said  dur¬ 
ing  a  conference  call  with 
reporters  and  analysts 
that  the  vendor  thought  it 
would  hit  its  original  sales 
plan  until  the  financial  cri¬ 
sis  worsened. 

“We  executed  well  dur¬ 


ing  most  of  the  third  quar¬ 
ter,”  Kagermann  said.  But 
the  economic  woes  are  hav¬ 
ing  “a  strong  impact  on  our 
ability  to  sign  contracts,” 
he  added.  “Many  customers 
expressed  the  need  to  focus 
on  shorter-term  concerns 
and  put  planned  IT  invest¬ 
ments  on  hold  for  now.” 

Kagermann  disclosed 
that  SAP  is  implement¬ 
ing  some  cost-cutting 
measures,  including  a 
reduction  in  temporary 
workers  and  a  hiring  freeze 
in  which  employees  who 
leave  won’t  be  replaced. 

Consulting  firms  Gartner 
Inc.  and  Forrester  Research 
Inc.  both  forecast  recently 
that  despite  the  meltdown 
on  Wall  Street,  IT  spend¬ 
ing  will  continue  to  grow, 
though  at  reduced  rates. 

And  in  a  preliminary 
earnings  announcement  of 
its  own,  IBM  didn’t  show 
any  of  the  same  ill  effects 
that  hit  SAP.  IBM,  which 
plans  to  report  its  results 
on  Thursday,  said  that 
third-quarter  net  income 
will  be  up  20%  year-over- 
year  and  that  it  remains  on 
track  for  profit  growth  of  at 
least  22%  for  the  full  year. 

—  Chris  Kanaracus  and  James 
Niccolai,  IDG  News  Service 


today  plans  to  introduce 
a  four-socket  midrange 
server  based  on  its  Ultra- 
Sparc  T2  Plus  processor. 
The  Sparc  Enterprise 
T544Q  supports  up  to  ■  2 
processor  cores  and  is 
priced  from  S44.995. 

Oracle  Corp.  agreed  to 
purchase 

ferns  Inc.,  a  maker  of  project 
portfolio  management 
software,  for  an  undisclosec 
sum.  Primavera  will  be  par 
of  a  new  Oracle  business 
unit  headed  by  Primavera 
CEO  Joel  Ko ppelma n . 

has 

agreed  to  pay  S695  mil¬ 
lion  to  buy 

,  a  U.K.  p  wider  t 
hosted  filtering  services 
for  spam  and  Web  traffic. 
The  offering  will  be  added 
to  Symantec’s  Protection 
Network  of  hosted  back¬ 
up,  data  restoration  and 
remote  access  services. 

today  is 

set  to  iveil  Version  13  of 
its  namesake  decision- 
support  database,  along 
with  a  data  warehousing 
appliance  that  company 
officials  said  can  handle 
up  to  50  petabytes  of  data 


HIRING  AND  RECRUITING 

Feds  Find  High  Levei  of 
Fraud  in  H-1B  Petitions 


A  recent  review  of  246  H-1B 
visa  applications  by  U.S.  Citi¬ 
zenship  and  Immigration  Ser¬ 
vices  (USCIS)  found  that  21% 
contained  fraudulent  informa¬ 
tion  or  “technical  violations”  of 
federal  laws  and  regulations. 

The  violation  rate  was  even 
higher  in  cases  involving  com¬ 
puter  professionals.  Twenty- 
eight  of  the  104  that  were  ex¬ 
amined,  or  27%,  had  violations 


of  some  sort,  according  to  a 
USCIS  report  that  was  finalized 
in  September  and  publicly  re¬ 
leased  last  week  by  Sen.  Chuck 
Grassley  (R-lowa). 

USCIS  investigators  examined 
a  random  sample  of  the  nearly 
97,000  H-1B  petitions  hied  in 
late  2005  and  early  2006.  They 
found  problems  such  as  forged 
signatures,  fake  degrees  and 
the  use  of  shell  companies  in 


Businesses  with  25  or 
fewer  employees  and  rev¬ 
enue  of  less  than  S10  million 
had  higher  rates  of  H-1B 
fraud  than  larger  compa¬ 
nies  did,  the  USCIS  said. 

Of  114  cases  involving 
workers  from  India,  25% 
were  found  to  involve  fraud 
or  technical  violations.  No 
other  countries  had  statisti¬ 
cally  valid  samples. 


or  had  them  doing  jobs  that 
weren’t  listed  on  their  visa 
applications,  the  report  said. 

The  report’s  authors  called 
the  level  of  fraud  a  “significant 
vulnerability”  for  the  H-1B 
program  and  wrote  that  the 
USCIS  is  making  “procedural 
changes”  in  response  to  the 
findings.  An  agency  spokesman 
said  Friday  that  possible  steps 
include  checking  applications 
against  external  records  and 
using  fraud  indicators  to  flag 
petitions  for  increased  scrutiny. 

-PATRICK  THIBODEAU 


8  C0MPUTERW0RLD  OCTOBER  13, 2008 


CARBON 


FOR  BEAN 
COUNTERS 


IBM  collaboration  software  and  services  connect  people  faster  wherever 


tt.l.Ol 


they  are,  which  means  less  jet  fuel,  energy  and  money.  And  IBM  software’s 
advanced  deduplication  and  data  compression  can  lower  the  energy  and 
space  costs  of  your  collaboration  infrastructure  by  up  to  half.  A  greener  world 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

Seelfie  green  demo  at  ibm.com/green/collaboration 


wa ■/,.  ter.;-:  J 


I 


Wmmm. 


registered  in  many  jurisdictions  worldwide.  A  curit!flfl!5!  ol  IBM  trad' 
Ijjtml.  ©  2008  IBM  Corporation.  All  rights  reserved. 


l  iternational  Business  Machines  Corpr 
ir  formation’  at  www.ibm.com/legal/cop) 


■  NEWS  DIGEST 


HARDWARE 


UPS  Tests  Devices  That 
Keep  Track  of  Truck  Data 


Motorola’s  VC6096  is  an  on¬ 
board  ruggedized  mobile  computer. 


UNITED  PARCEL  Ser¬ 
vice  Inc.  is  testing 
a  new  ruggedized 
mobile  computer  in 
its  trucks  that  can  wirelessly 
log  departure  and  arrival 
times  and  provide  managers 
with  data  on  vehicle  speed 
and  idle  times. 

Test  versions  of  Motorola 
Inc.’s  VC6096  Windows 
Mobile-based  system,  un¬ 
veiled  last  week,  have  been 
installed  inside  long-haul 
UPS  trailer  trucks  and  large 
trucks  that  move  packages 
among  sorting  facilities. 

A  spokeswoman  wouldn’t 
say  how  many  of  the  comput¬ 
ers  Atlanta-based  UPS  plans 
to  buy,  but  she  noted  that  it 
will  be  a  “sizable”  number 
by  the  time  the  company’s 
deployment  is  completed, 
which  is  expected  in  2010. 

The  computers  will  be 
generally  available  early  next 
year  for  $4,395. 

The  spokeswoman  said 
UPS  has  used  the  system  to 
measure  and  compile  truck 
speed,  RPM,  braking  and 
idle-time  data.  More  func¬ 
tions  will  be  tested  later. 

The  4.8-lb.  computer 
includes  a  keyboard,  a 
6.5-in.  touch  display,  128MB 
of  RAM  and  256MB  of  flash 


GPS  and  Bluetooth  wireless 
specifications. 

UPS  said  its  100,000-plus 
drivers  will  continue  to  use 
their  fourth-generation  pro¬ 
prietary  handhelds  jointly 
built  by  Motorola  and  Symbol  ; 
Technologies  Inc.,  which  J 

Motorola  acquired  last  year.  I 

Kevin  Burden,  an  analyst 
at  ABI  Research,  said  ve¬ 
hicle  telemetries  have  long 
been  controversial  because 
of  fears  that  management 
will  invade  drivers’  privacy. 

Despite  these  concerns, 
Burden  said  companies  such  j 
as  J.B.  Hunt  Transport  Ser¬ 
vices  Inc.  have  found  that 
they  can  use  such  systems  to  » 
“stay  on  top  of  the  workforce  ; 
in  the  trucking  business,  { 
where  time  is  everything.” 

—  Matt  Hamblen  I 


Global  t 
Dispatches 


German  Computer 
Maker  For  €26M 

LESCLAYES-SOUS-BOIS, 
FRANCE-  Bull  SA  last  week 
agreed  to  buy  Science  +  Com¬ 
puting  AG,  a  maker  of  high- 
performance  computers,  for 
an  undisclosed  sum. 

Bull  CEO  Oidier  Lamcuche 
called  the  acquisition  a  key 
piece  of  the  company’s  three- 
year  move  into  the  high-perfor¬ 
mance  computing  business. 

Tubingen,  Germany-based 
Science  +  Computing  reported 
revenue  of  €26  million  ($35 
million  U.S.)  for  its  fiscal  year, 
which  ended  in  June.  Bull, 
based  here,  said  Science  + 
Computing  will  operate  as  an 
independent  firm. 


memory.  It  supports  Wi-Fi, 


BETWEEN  THE  LINES 


WE  PLAM  to 
DEMOCRATIZE 
WWE5S  WTElLlfcENCe. 


By  John  Klossner 


First,  we  stuff 
the  mm 


Despite  tightened  credit 
markets, 

secured  a  S  .1  billion  loan, 
needed  to  help  fund:  its 
S3  billion  acquisition  of 

launched  an  <  ien  beta 
reli  ise  of  Bluehouse,  a 
Web-based  service  that 


combines  social  network¬ 
ing  and  online  collaboration 
tools  for  business  uses. 

founded  by  Steve 
Jobs  after  he  temporarily 
left  Apple,  unveiled  its  first 
workstation.  The  cube- 
shaped  system  was  a  com¬ 
mercial  bust,  though. 


■ 


Bull  last  week  also  agreed 
to  sell  its  U.S.-based  Medicaid 
services  business  to  Ingenix 
Inc.  in  Eden  Prairie,  Minn. 
Terms  of  the  deal  were  not  dis¬ 
closed.  The  business  provides 
business  intelligence  tools  to 
human  services  agencies. 
Mikael  RicknAs, 

IDG  News  Service 


Toshiba  Rians  for 
Fuel-Cell  Launch 

TOKYO- Toshiba  CwpJasJ 
week  said  it  plans  to  unveil 
before  March  31  its  first 
commercial  direct-methanol 
fuel-cell  device,  which  offers 
fast  recharges  of  portable 
electronic  devices. 

Toshiba  wouldn’t  identify 
the  product  to  be  unveiled  but 
had  displayed  a  cell  phone  run¬ 
ning  on  a  fuel  cell  at  the  Ceatec 
trade  show  here  this  month. 

Direct-methanol  fuel  cells 
produce  electricity  from  a 


reaction  between  methanol, 
water  and  air,  and  are  often 
called  &  greener  source  of  en¬ 
ergy  than  traditional  batteries. 

The  phone  shown  at  Ceatec 
was  powered  by  a  fuel  cell 
under  the  keypad.  Although 
the  phone  was  a  prototype,  the 
build  quality  was  close  to  that 
of  a  commercial  product. 
Martyn  Williams, 

IDG  News  Service 


BRIEFLY  NOTED 

IBM  this  month  announced 
plans  to  open  a  £2  million 
($3.4  million)  data  center  in 
Greenock,  Scotland,  early  next 
year  to  manage  and  run  IT  op¬ 
erations  for  midsize  businesses, 
Jeremy  Kirk, 

IDG  News 
Service 


10  COMPUTERWORLD  OCTOBER  13, 2008 


gbgSiffi 


With  the  world’s  data  growing  dramatically.  IBM  storage  virtualization  solutions 
can  help  you  gain  control  in  a  responsible,  energy-efficient  way.  The  IBM 
System  Storage  SAN  Volume  Controller  can  reduce  storage  growth  by  up  to 
20%  and  boost  Utilization  by  as  much  as  30%.  And  combined  with  IBM  tape 
solutions,  some  companies  have  reduced  their  TCO  by  as  much  as  50%’.  A 
greener  world  starts  with  greener  business.  Greener  business  starts  with  IBM. 


a  &  I- 

1 

; 

. 

; 

. 

%  4 

. 


ICO  estimates  based  on  IBM  internal  ctudy.  IBM.  the  IBM  logo,  ibrn  corn  and .System  Storage  arc  tradernaH<«^f'.intdrrtatlcnal  Ccirioraitdn. 

jurisdictions  worldwide.  A  current  list  of  IBM  trademarks  »s  available  on  the  Web  at  '‘Copyright  ana  tredoo»aik  information"  at  www  rb'm$fc^ 

©  ?008  IBM  Corporation.  Ail  rights  reserved. 


Pf  Frcff 

p£r  r1 

Enterprise-class  solid-state  drives  like  STEC  Inc.’s  ZeuslOPS  offer  better  speed  and  performance  than  platter-based  storage  -  at  a  premium  price. 


Solid  State  Not  Yet 
On  Solid  Ground 

But  some  companies  could  find  a 
strong  ROI  despite  the  high  price  tag, 
analysts  say.  By  Todd  R.  Weiss 


Companies  are 

slowly  starting  to 
more  closely  evalu¬ 
ate  solid-state  stor¬ 
age  technologies,  though 
most  are  still  waiting  for  the 
cost  to  come  down  before 
implementing  it. 

Several  users  interviewed 
recently  agreed  that  solid- 
state  technology  could  one 
day  boost  their  companies’ 
bottom  lines,  but  none  were 
ready  yet  to  jump  on  the 
bandwagon. 

For  example,  Michael 
Loffredo,  an  IT  regional 
manager  at  Cushman  & 
Wakefield  Inc.,  a  real  estate 
company  in  New  York,  said 
that  he  has  tried  to  deter¬ 
mine  whether  solid-state 
technology’s  strong  per¬ 
formance,  lack  of  moving 


parts  and  increased  power 
efficiency  could  justify  the 
significant  upfront  cost. 

His  analysis  found  that 
“the  cost  is  still  too  expen¬ 
sive,”  he  said. 

Loffredo  said  the  com¬ 
pany  is  holding  off  on  any 
testing  of  solid-state  drives 
in  its  IT  labs  until  the  costs 
come  down  to  just  25%  to 
30%  more  than  traditional 
hard  disk  drives. 

Jim  Handy,  a  semicon- 


MCost  is  stil 
kicking  us 
in  the  butt. 

RAPHAEL  GARCSA, 

BACKUP  AND  STORAGE 

QUEENS  LIBRARY 


ductor  market  analyst  at 
Objective  Analysis  in  Los 
Gatos,  Calif.,  estimates  that 
the  average  cost  of  a  solid- 
state  drive  today  is  $5,000, 
compared  with  $300  for  a 
high-speed,  platter-based 
hard  drive. 

Despite  the  wide  cost 
disparity,  Handy  said  that 
companies  shouldn’t  simply 
write  off  solid-state  storage 
because  of  the  high  price. 

He  suggested  that  a  study  of 
how  the  technology  affects 
storage  costs  could  show 
that  savings  would  come 
sooner  than  expected. 

For  example,  he  said,  mul¬ 
tiple  hard  drives  could  be 
replaced  by  a  single  solid- 
state  offering.  Currently, 
“data  you  don’t  need  that 
often  is  on  slower  drives, 


and  needed  data  is  on  faster 
drives,”  Handy  said.  A  com¬ 
pany  could  replace  those 
hard  drives  with  a  single 
solid-state  one,  which  would 
provide  a  strong  return  on 
investment,  he  said. 

Handy  noted  that  some  IT 
departments  “short-stroke” 
hard  drives  by  placing  data 
only  on  the  outer  edges  of 
large-capacity  disk  drives  to 
ensure  fast  access.  In  those 
cases,  users  are  spending 
money  for  a  significant 
amount  of  unused  storage 
capacity.  A  solid-state  drive 
offers  top  performance  even 
when  it’s  filled  to  capacity, 
he  said. 

“That  is  like  the  easy  prey 
for  the  use  of  enterprise 
solid-state  drives,”  especial¬ 
ly  for  businesses  running 
more  than  100,000  hard  disk 
drives,  Handy  added. 

Loffredo  noted  that  solid- 
state  drive  vendors  could 
quickly  boost  sales  to  corpo¬ 
rate  IT  by  improving  trade- 
in  policies.  “If  the  hardware 
companies  were  a  little 
more  aggressive  in  their 
buybacks  [of  older  equip¬ 
ment],  that  would  help” 
companies  deal  with  high 
solid-state  costs,  he  said. 

Cushman  &  Wakefield 
Continued  on  page  14 


■ 


12  C0MPUTERW0RLD  OCTOBER  13, 2008 


he  Smart-UPS®  closet  solution: 
lanaged,  secured,  cooled 


Key  Code 

httpj/www. ape. com/promo  ei82w 

888.289.APCC  x9685  •  FAX:  401.7882797 


Register  to  WIN  a  Smart-UPS®  XL 
1400VA  Rackmount  -  $779  Value! 


Name: 

Title: 

Company: 

Address: 

Address  2: 

City/Tbwn: 

State: 

Zip: 

Country: 

Phone: 

Fax: 

e-mail: 

i _ J  Yes!  Send  me  more  information  via  e-mail  and  sign  me  up  for  APC  Powernews  e-mail  newsletter.  [  Key  Code:  ei82w] 

What  type  of  availability  solution  do  you  need? 

□  UPS:  0-1 6KVA  (Single-phase)  □  UPS:10-80kVA  (3-phase  AC)  □UPS:80+kVA(3-phaseAC)  DDC  Power 

□  Network  Enclosures  and  Racks  □  Precision  Air  Conditioning  □  Monitoring  and  Management 

□  Cables/Wires  □  Mobile  Protection  □  Surge  Protection  DUPS  Upgrade  □Don'tknow 
Purchase  timeframe?  Q<1  Month  □1-3  Months  □  3-12  Months  Q1  Yr.  Plus 

You  are  (check  1 ):  □  Home/Home  Office  □Business  (<1 000  employees)  □  Large  Corp.  (>1 000  employees) 

□Gov't,  Education,  Public  Org.  QAPC  Sellers  &  Partners 


Legendary  Reliability* 


®2008  American  Power  Conversion  Corporation.  All  trademarks  are  owned  by  Schneider  Electric  Industries  SAS.,  American  Power  Conversion  Corporation  or  their  affiliated  companies. 
SU4A7EB_ENa  •  e-mail:  esupport@apc.com  •  132  Fairgrounds  Road,  West  Kingston.  Rl  02892  USA 


ATTENTION  CRC:e182w 
132  FAIRGROUNDS  ROAD 
PO  BOX  278 

WEST  KINGSTON  Rl  02892-9920 


III.  .ml.  II.  .1.1. 1 


I.II.I..I.I....I.III...I.I..I 


How  to  Contact  APC 

Call:  1. 888.289.  APCC  x9685 

Fax:  401.788.2797 

Visit  htipj/wHw.apc.com/promo 

enter  key  Code  e182w 


APC 

Legendary  Reliability' 


l 


The  Smart-UPS®  closet  solution: 
managed,  secured,  cooled. 


Need  to  get  out  of  the  closet  -  but  still  keep  an  eye  on  your  network? 
Bet  you  never  thought  you'd  end  up  with  so  many  closets  to  look 
after.  And,  as  they've  grown  in  numbers,  they've  also  grown  in 
complexity,  adding  to  the  risk  -  and  the  high  cost  -  of  downtime. 

The  availability  of  those  closets  is  critical,  but  whether  your  network 
is  converged,  in  multiple  locations,  or  housed  out  of  sight  and  out 
of  mind,  you  can't  be  in  ten  places  at  once,  making  sure  they're  all 


Network  management  enabled  UPS 

Smart-UPS'  XL  starts  at  $1125 
Performance  power  protection  with  runtime 
for  servers,  and  voice  and  data  networks. 

•Included  PowerChute  management  software 
•Intelligent  battery  management 
•Hot-swappable  batteries,  scalable  runtime 
•Modular:  tower  or  rack  mount,  hardware  included 


secure  and  running  smoothly. 

Fortunately,  APC  has  engineered  an  integrated  solution  that  starts 
with  new  Smart-UPS  XL  -  the  Smart-UPS  you  already  know  and 
trust,  made  even  smarter  with  integrated  management  and  security- 
enabled  features.  Your  view  into  the  network  closet  has  never  been 
clearer,  with  automatic  alerts  of  power  events,  security  threats,  or 
thermal  incidents  that  put  your  critical  availability  at  risk. 


Management  upgrades 

PowerChute®  Business  Edition 

Reliable  network-based  shutdown  of  multiple  servers. 
Included  with  Smart-UPS.  Upgrades 
available  starting  at  $279 
•Application  shutdown  support 
•Battery  capacity  indicator 
•e-mail  notification 


If  you're  converging  your  network  or  just  need  an  extra  pair  of 
eyes,  start  with  APC  Smart-UPS  XL:  the  foundation  for  highly 
available,  secure,  cooled,  managed  networks. 


UPS  solutions  start  at  $1125 


'-UPS' XL 
NEW!  APC  Smart-UPS  XL  Modular 
3000VA  120V  Rackmount/Tower 


[compatible] 

APCs  Smart-UPS  and  Symmetra 
lines  are  certified  Cisco  Compatible, 
integrate  with  Cisco  CallManager 
version  4.x  and  Cisco  Unity  Express  and 
provide  graceful  unattended  shutdown  in 
the  event  of  an  extended  power  outage. 


Compatibility  certifications  with  the  industry's  top 
IP  Telephony  Vendors:  Cisco,  Avaya,  and  Nortel 

Find  APC  power  protection  products  at 


InfraStruXure®  Central 

Provides  an  efficient  way  for  organizations  to  manage 
their  company-wide  physical  infrastructure  devices. 
•Beal-time  device  monitoring 
•Custom  reporting  capabilities 
•Advanced  security 
•Instant  event  notification 


Security 


NetBotz  Security  and  Environmental  starts  at  $889 
Protecting  IT  assets  from  physical  and  environmental  threats. 

•  Visual  monitoring  of  all  activities  in 
the  data  center  or  wiring  closet 

•  Third-party  monitoring  via  dry-contacts, 

SNMP,  IPMI,  0-5V  and  4-20mA 

•User-configurable  alarm  and  escalation  policies 
•Temperature,  humidity,  and  leak  detection 


Cooling 


Wiring  Closet  Ventilation  Unit 

starts  at  $869 

(Up  to  3kW  of  heat  removal)  Rapidly  deployable  wall  or 
ceiling-mounted  heat  removal  system  for  wiring  closets. 


InfraStruXure®  InRow  SC  starts  at  $7200 
(Up  to  7kW)  Rapidly  deployable,  in-row  air 
conditioning  for  server  rooms  and  wiring  closets. 
•Eliminates  hot  air  mixing;  maximizes  cooling  efficiency 
•Network  manageable 
•Real-time  capacity  monitoring 
•Modular,  scalable 


Register  to  WIN  a  Smart-UPS®  XL  1400VA 
Rackmount  -  a  $779  Value! 

Visit  www.apc.com/pramo  and  enter  key  code  e182w  •  Call  888-289-APCC  x9685  •  Fax  401-788-2797 


by  Schneider  Electric 


©  2008  American  Power  Conversion  Corporation.  All  trademarks  are  owned  by  Schneider  Electric  Industries  S.A.S.,  American  Power  Conversion  Corporation,  or  their  affiliated  companies 
e-mail:  esupport@apc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  •  AX3A7EF_EN  "Runtimes  may  vary  depending  on  load. 


■  NEWS  ANALYSIS 


Continued  from  page  12 
could  benefit  from  using 
solid-state  storage  products 
to  store  e-mail  for  its  4,700 
users  —  if  the  price  was 
right.  Most  of  the  company’s 
agents  save  old  e-mails  to 
use  in  future  communica¬ 
tions  with  past  clients.  Stor¬ 
ing  the  documents  from  that 
many  users  requires  strong 
storage  and  retrieval  speeds, 
Loffredo  said. 

George  Crump,  an  analyst 
at  Storage  Switzerland  LLC, 
predicted  that  many  com¬ 
panies  will  start  turning  to 
solid-state  storage  systems 
once  they  can  prove  that  they 
significantly  boost  business. 

Businesses  like  stock  trad¬ 
ers  and  financial  services 
firms,  which  depend  heavily 
on  fast  data-flow  speeds, 
could  benefit  from  the  tech¬ 
nology  today,  Crump  said. 

He  noted  that  compa¬ 
nies  can  choose  from  two 
types  of  solid-state  drives: 
dynamic  RAM-based  and 
flash-based  devices.  DRAM 
storage  is  faster  but  costs  far 
more  than  flash-based. 

For  example,  2TB  of 
flash-based  storage  costs 
about  $180,000,  compared 
with  about  $1  million  for  the 
same  amount  of  DRAM- 
based  storage.  “DRAM  is 
faster,  but  if  flash  does  it  for 
you,  why  spend  the  extra 
money?”  Crump  asked. 

DRAM-based  drives, 
which  can  read  or  write  data 
in  0.015  milliseconds,  operate 
at  a  random  speed  of 400,000 
I/O  tasks  per  second,  Crump 
said.  The  drives  are  best  for 
write-intensive  software 
and  for  businesses  that  use 
high-performance  database 
applications,  he  added. 

A  flash-based  storage 
drive  can  read  or  write  data 
in  0.2  milliseconds  and  oper¬ 
ates  at  read  speeds  of  up  to 
100,000  I/O  tasks  per  second 
and  write  speeds  of  up  to 
25,000  I/O  tasks  per  second, 


Crump  said.  The  technology 
is  best  for  “read-heavy  ap¬ 
plications,”  he  added. 

LINGERING  SKEPTICISM 

John  Webster,  an  analyst  at 
Illuminata  Inc.,  said  that  en¬ 
terprise  buyers  are  starting  to 
understand  the  technical  and 
performance  benefits  of  soft- 
state  drives,  but  most  believe 
they  can  get  by  without  them. 
“It’s  the  typical  response,” 
he  said.  They  are  “a  little  bit 
skeptical  at  this  point.” 

Raphael  Garcia,  a  backup 
and  storage  administrator 
at  the  Queens  Library  in  Ja¬ 
maica,  N.Y.,  said  solid-state 
technology  could  save  his 
organization  money  over  the 
long  run,  but  as  a  public  en¬ 
tity,  the  library  lacks  start-up 
funding.  “Cost  is  still  kick¬ 


ing  us  in  the  butt,”  he  said. 

The  use  of  the  more  rug¬ 
ged  solid-state  drives  in 
laptops  for  library  personnel 
could  result  in  long-term 
savings,  he  said.  “They 
could  cost  more  initially, 
but  then  they  could  save 
money  on  maintenance  and 
repairs,”  Garcia  said. 

A  systems  administrator  at 
a  New  York-based  financial 
services  firm,  who  asked  that 
his  name  not  be  used,  said 
his  company  has  been  eyeing 
solid-state  storage  technol¬ 
ogy  but  hasn’t  yet  decided 
whether  to  implement  it. 

“My  company  doesn’t 
like  bleeding-edge,”  he  said. 
“They  like  proven  technolo¬ 
gies.  Down  the  road,  we’re 
going  to  look  at  it  hard,  think 
hard  and  reassess  the  ben¬ 
efits,  which  may  be  many.” 


Ultimately,  the  per¬ 
formance  benefits  of  the 
technology  could  force  the 
firm  to  spend  the  extra  dol¬ 
lars.  “Without  speed,  we’re 
dead,”  he  said. 

Oppenheimer  &  Co. 
doesn’t  need  the  new  tech¬ 
nology  at  this  point,  said 
Michael  McCardle,  storage 
technology  manager  at  the 
New  York-based  financial 
services  company. 

“A  lot  of  bleeding-edge 
technologies  are  real  nice,” 
he  said.  “But  when  you  boil 
it  all  down,  how  much  of  it 
do  you  really  need?” 

Today,  Oppenheimer  has 
hard  drive  storage  technolo¬ 
gies  that  provide  adequate 
speed  at  costs  that  can  be  ra¬ 
tionalized  for  the  company’s 
4,000  or  so  users,  McCardle 


said.  “It  goes  back  to  the 
needs  of  the  business,”  he 
said.  “If  the  need  doesn’t  exist, 
then  the  interest  is  minimal.” 

The  company’s  storage 
technology  needs  are  re¬ 
evaluated  when  business  re¬ 
quirements  change,  but  “the 
purse  strings  are  very  tight 
these  days,”  he  noted.  “Until 
we  feel  pain  that  will  drive 
the  need  for  a  technology  re¬ 
fresh,”  a  move  to  emerging 
technologies  like  solid-state 
storage  won’t  happen. 

A  storage  architect  at  a 
New  York-based  publishing 
company,  who  also  asked 
not  to  be  identified,  said 
the  benefits  of  solid-state 
wouldn’t  come  close  to 
equaling  the  costs  for  busi¬ 
nesses  in  his  industry. 

“We  don’t  have  the  ap¬ 
plications  that  necessitate 


them,”  he  said.  “We  deal 
with  a  different  data  set 
compared  to  firms  that  do 
data  analysis.  We  deal  with 
content  creation.  We  find 
that  second-tier  storage 
[such  as  Serial  ATA  technol¬ 
ogy]  is  adequate  for  even 
our  highest-performing  ap¬ 
plications.” 

Handy  noted  that  to  date, 
only  a  small  percentage  of 
solid-state  drives  sold  are 
used  by  large  IT  organiza¬ 
tions.  Of  about  500,000  sold 
annually  today,  only  20,000 
are  purchased  by  corporate 
IT  operations. 

Objective  Analysis  proj¬ 
ects  that  the  number  of 
solid-state  storage  devices 
sold  to  data  centers  will  in¬ 
crease  to  2  million  per  year 
in  2013,  though  it  will  re¬ 
main  a  small  percentage  of 
that  year’s  projected  sales  of 
50  million  units.  Solid-state 
sales  will  also  continue  to 
lag  far  behind  shipments  of 
hard-disk  products,  which 
Handy  projects  will  reach 
800  million  in  2013. 

Meanwhile,  IDC  estimates 
that  solid-state  drive  sales 
totaled  $396  million  in  2007 
and  that  the  total  will  grow 
at  a  70%  compound  annual 
growth  rate  through  2012, 
said  Jeff  Janukowicz,  an 
analyst  at  the  firm.  Over  the 
long  term,  he  said,  “the  real 
growth  engine  will  be  de¬ 
rived  from  new  markets  that 
solid-state  drives  are  just 
now  beginning  to  penetrate. 
Thus,  we  think  the  future 
continues  to  look  bright.” 

To  push  the  new  technol¬ 
ogy  into  corporate  data  cen¬ 
ters,  the  Storage  Networking 
Industry  Association  last 
month  unveiled  a  solid-state, 
storage  initiative  targeting 
IT  executives. 

The  initiative  aims  to  show 
the  benefits  of  the  technology 
and  to  foster  standards,  said 
Phil  Mills,  secretary  of  the 
SNIA  board  of  directors.  ■ 


technologi  is  are  real  nice. 
But  when  you  boil  it  all  down, 
how  much  of  it  c  3  you  really  need? 

MICHAEL  MCCARDLE, 

STORAGE  TECHNOLOGY  MANAGER,  OPPENHEIMER  &  00, 


14  C0MPUTERW0RLD  OCTOBER  13, 2008 


mTHE  CDW  TECHNOLOGY 
STIMULUS  PACKAGE 

HOW  CAN  CDW  HELP  YOU  GET 
THROUGH  TOUGH  TIMES? 
WITH  THE  RIGHT  TECHNOLOGY 
AT  THE  RIGHT  PRICE. 


Includes  22"  widescreen  LCD  and  Total  Care  Complete  Package 


,V  *  '■  '  '■  . 

A  A  AA 


$89999 

C0W1S389C6 

.  . 

'  "v  '  hy  ’■■■  ci’ • 


Times  are  tough  and  budgets  may  not  be  what  they  used  to  be.  That's  why  CDW  is  offering  a  stimulus  package  to  help  keep  ^ 


your  business  with  the  right  technology  at  the  right  price. 


CALL  CDW  AND  START  SAVING  TODAY! 


CDW.com/bestdeals  800.652.4CDW 


'Advertised  puce  reflects  $428  instant  savings;  offer  valid  through  11/31/08  or  while  supplies  last.  Offer  subject  to  CDW's  standard  terms 


your  business  moving.  From  savings  on  top-name  technology  products  to  custom  configuration  and  helpful  advice,  CDW  has .  ;t, 

tho  hoct  doalc  tn  holn  t/nn  nntimi70  t/nnr  doclctnn  and  not  ahoarl  nf  tho  rnmnotitinn  \/icit  CP\\M  rnm/hoctdoalc  tndaw  and  infticd 


ft  .1: 

W  1 

f  m 


;  The  Right  Technology.  Right  Away."  y’ 

■ 

nailable  at  C0W.com.  0>008  <DW  Corporation  ,  . 


■  NEWS  ANALYSIS 

Microsoft  tools 
To  Unlock  Door 
to  Wider  Bl  Use 

Its  new  plan:  Scale  up  SQL 
Server  to  support  larger  data 
warehouses,  and  use  Excel 
to  spread  business  intelligence 
to  more  users.  By  Eric  Lai 


SQL  SERVER  may 

be  one  of  the  most 
popular  databases 
among  corporate 
users,  but  Microsoft  Corp. 
is  a  relative  laggard  in 
the  business  intelligence 
market.  It  ranked  just  fifth 
among  BI  vendors  last  year, 
according  to  market  re¬ 
search  firm  IDC. 

But  Microsoft  last  week 
detailed  a  multipronged 
strategy  aimed  at  scaling  up 
the  size  of  the  data  ware¬ 
houses  that  SQL  Server  can 
support  into  the  hundreds  of 
terabytes  while  also  —  in  the 
vendor’s  words  —  democra¬ 
tizing  BI  within  companies 
through  the  use  of  Excel  and 


other  Office  applications. 

In  particular,  Excel  may 
turn  out  to  be  Microsoft’s  BI 
ace  in  the  hole. 

The  ubiquitous  spread¬ 
sheet  is  already  the  most 
popular  front-end  program 
among  business  analysts 
and  other  workers  looking 
to  display  and  analyze  the 
results  of  BI  queries,  said 
James  Kobielus,  an  analyst 
at  Forrester  Research  Inc. 

Now,  via  a  self-service 
analysis  project  code-named 
Gemini,  Microsoft  plans 
to  develop  “an  Excel-based 
user  analytics  mashup 
tool”  designed  to  make  it 
easier  for  end  users  to  build 
their  own  BI  applications, 


Kobielus  said  in  an  e-mail. 
He  called  Gemini  a  “game- 
changer”  for  the  BI  market. 

Some  IT  managers  whose 
companies  use  SQL  Server 
were  also  impressed  by 
what  they  heard  about 
Gemini,  which  Microsoft 
plans  to  ship  as  part  of  a 
Bl-oriented  release  of  SQL 
Server  2008  that  is  code- 
named  Kilimanjaro. 

LACKING  RESOURCES 

David  Smith,  CIO  at  ServiceU 
Corp.,  an  event  management 
and  ticketing  services  pro¬ 
vider  in  Memphis,  said  his 
IT  staff  has  “a  limited  num¬ 
ber  of  man-hours”  that  it 
can  devote  to  BI  projects  for 
end  users.  And  he  doesn’t 
think  ServiceU  is  alone  in 
that  regard. 

“Microsoft  has  cor¬ 
rectly  determined  that  the 
limiting  factor  for  most 
businesses  to  implement 
significant  BI  projects  is  the 
scarcity  of  IT  resources,” 
Smith  said.  In  some  cases, 
that  means  workers  are 
shut  out  from  using  BI  tools, 
he  added.  But  to  Smith, 
Gemini  appears  to  offer 
a  way  of  making  analytic 
capabilities  available  on  a 
much  broader  scale. 

Mayur  Raichura,  vice 
president  of  information 
services  at  Long  &  Foster 
Real  Estate  Inc.  in  Chan¬ 
tilly,  Va.,  also  thinks  that 
Microsoft’s  plan  will  enable 
more  users  to  analyze  data 
without  IT’s  help. 

And  Excel’s  ability  to 
handle  millions  of  rows  of 
data  in  memory  should  make 
it  possible  for  Long  &  Foster 
to  examine  large  amounts 
of  data  from  the  company’s 
transaction  systems  and  its 
Web  site  search  logs,  accord¬ 
ing  to  Raichura.  If  so,  that 
will  “position  us  to  deliver  a 
better  financial  analysis  in  a 
real-time  mode,”  he  said. 

At  its  second  annual  BI 


conference,  held  in  Seattle, 
Microsoft  said  that  a  Com¬ 
munity  Technology  Preview 
(CTP)  version  of  Kiliman¬ 
jaro  and  Gemini  will  be¬ 
come  available  within  a 
year.  Commercial  shipments 
are  scheduled  to  follow  in 
the  first  half  of  2010. 

Kilimanjaro  is  also  being 
designed  to  support  large 
data  warehouses  and  BI 
deployments.  To  help  with 
that,  Microsoft  detailed  an¬ 
other  project,  code-named 
Madison,  under  which  it 
will  integrate  SQL  Server 
2008  with  technology  devel¬ 
oped  by  Datallegro  Inc.,  a 
data  warehousing  appliance 
vendor  that  Microsoft  ac¬ 
quired  last  month. 

Microsoft  has  plenty  of 
catching  up  to  do  with  other 
vendors  at  the  high  end  of 
the  BI  market,  Kobielus  said. 
SQL  Server  typically  scales 
only  “into  the  dozens  of 
terabytes”  now,  he  noted. 

The  Madison  technology 
will  be  able  to  handle  work¬ 
loads  involving  hundreds  of 
terabytes  of  data  and  thou¬ 
sands  of  users,  Microsoft 
said.  The  company  demon¬ 
strated  a  150TB  database 
running  24  instances  of 
SQL  Server  2008  at  the  con¬ 
ference.  A  CTP  version  is 
due  within  12  months.  And 
Microsoft  said  it’s  working 
with  server  and  storage  ven¬ 
dors,  including  Dell,  EMC 
and  Hewlett-Packard,  to 
give  users  “an  appliance-like 
buying  experience.” 

But  even  with  the  addition 
of  Datallegro,  Microsoft  is 
well  behind  rivals  such  as 
Teradata  Corp.  in  high-end 
market  share.  Curt  Monash, 
an  independent  database 
analyst,  said  that  although 
Datallegro’s  technology  was 
strong,  the  appliance  vendor 
had  few  customers  before 
Microsoft  bought  it.  ■ 
Heather  Havenstein 
contributed  to  this  story. 


16  C0MPUTERW0RLD  OCTOBER  13, 2008 


When  your  company  is  on  one  network ,  it  can  be  truly  flexible.  Expand,  move 

or  merge.  And  do  it  faster  on  a  single  IP  network.  Sprint  Converged  Solutions  lets  you  access  your 
voice,  video  and  data  instantly  on  one  network,  built  end-to-end  with  technologies  that  have  the 
Cisco  Quality  of  Service  certification.  So  you  have  the  flexibility  to  adapt  to  whatever  the  future  brings. 
Get  it  on  the  Now  Network!" 


sprint.com/business 


Powered 


* 


(0 


HI 

< 

I 

o 

5 


Name:  Steven  Rambam 

Title:  Founder  and  CEO 

Organization:  Pallorium  Inc. 

Location:  Brooklyn,  N.Y. 

Favorite  technology:  “E-mail 
with  attachments.  I  don’t  think 
I’ve  turned  on  my  fax  machine 
in  years.” 

If  he  wasn’t  in  this  business, 
he’d  probably  be:  A  reporter. 

Number  of  times  he’s  been  shot 
at  on  the  job:  “It’s  bad  karma 
to  count.” 

Favorite  nonwork  pastime: 
Anything  on  or  near  the  water. 

Philosophy  in  a  nutshell:  Do 
the  right  thing,  no  matter  the 
personal  cost. 

Favorite  vice:  “I’m  not  going  to 
tell  you.  I  can  assure  you  that 
it’s  not  chocolate.” 

Favorite  movie:  “ Ruggles  of 
Red  Gap,  with  Charles  Laughton 
playing  a  butler  who  is  gambled 
away  by  a  British  lord  and 
relocates  with  his  new  master 
to  Red  Gap,  Mont.  It’s  the  most 
patriotically  positive  movie  ever 
made  about  America.” 


In  his  25  years  in  business,  Steven 
Rambam  has  worked  on  some  high- 
profile  cases,  including  tracking  down 
Nazi  war  criminals  in  Canada.  He  also 
owns  PallTech  (www.pallorium.com/ 
PallTech.html),  an  investigative  data¬ 
base  service  with  more  than  25  billion 
records  on  U.S.  citizens  and  businesses. 


m  THE  GRILL 

Steven  Rambam 

The  private  eye  talks  about  what  he 

does,  how  he  knows  everything  about 
you  and  why  he’s  not  the  one  you 
should  be  worried  about. 


What  do  you  do  as  a  private  investigator? 

We  are  not  the  traditional  Rockford 
or  Magnum,  P.I.  type  of  investigator. 
We’ll  do  very  difficult  missing  persons 
cases,  a  lot  of  sophisticated  financial 
fraud  work,  a  lot  of  insurance  company 
work,  a  lot  of  disappearances. 

What’s  in  your  PalHech  databases?  We 

have  pretty  much  every  American’s 
name,  address,  date  of  birth,  Social  Se¬ 
curity  number,  telephone  number,  per¬ 
sonal  relationships,  businesses,  motor 

Continued  on  page  20 


18  COMPUTERWORLD  OCTOBER  13,  2008 


•  >,v. 


motive  thinking  is  repositioning  IT  from  the  server  closet 
ie  front  lines,  embracing  its  impact  on  the  business 
ing  it  go  from  a  PowerPoint®  deck  into  practice). 

>lacing  business  metrics  under  the  microscope  every  day, 
*y  minute,  every  nanosecond — enhancing  insight  and 

nding  control  (from  a  financial  perspective,  for  a  change) 

- 

ewiring  the  rules  of  engagement  to  identify  problems, 
ritize  solutions  and  automate  change  (before  things 
ome  business  critical). 

>artnering  with  HP,  a  pioneering  force  behind  ITIL, 
iverage  the  experience  of  certified  consultants  and 
ze  the  ingenuity  engrained  in  the  DNA  of  our  software. 


mm 


WWiii 


iy  for  better  business  out* 


hp.com/go/servicemanagement 


irk  or  trademark  of  Microsoft 


■  THE  GRILL !  STEVEN  RAMBAM 


I  have  in 
my  office 
databases 
that  are  far  more 
powerful  and  com¬ 
prehensive  than 
J.  Edgar  Hoover’s 
wildest  dreams. 


Continued  from  page  18 

vehicles,  driver’s  licenses,  bankruptcies, 

liens,  judgments  —  I  could  go  on  and  on. 

Who  has  access  to  your  data?  This  is  a 
database  that’s  restricted  to  law  en¬ 
forcement,  private  investigators,  secu¬ 
rity  directors  of  companies  and  people 
who  have  a  genuine  need. 

How  do  you  safeguard  it?  The  most  re¬ 
strictive  rule  is  my  own  personal  eth¬ 
ics.  In  20  years,  we  haven’t  had  a  single 
lawsuit  or  complaint. 

What  has  changed  in  the  past  few  de¬ 
cades?  Two  things.  The  first  is  comput¬ 


ing  power.  I  have  in  my  office  storage 
and  databases  and  artificial  intelli¬ 
gence  scripts  and  behind-the-scenes 
links  that  are  far  more  powerful  and 
comprehensive  than  J.  Edgar  Hoover’s 
wildest  dreams. 

The  other  thing  is  the  mind-boggling 
level  of  self-contributed  data.  The  aver¬ 
age  person  now  willingly  puts  on  the 
Internet  personal  information  about 
himself  that  20  years  ago  people  would 
hire  an  investigator  to  try  and  get.  It’s 
extraordinary.  If  you  know  how  to  use 
the  Internet,  75%  of  an  investigation  can 
be  conducted  sitting  in  your  pajamas. 

Do  you  see  this  as  a  bad  thing?  On  the 

contrary,  there  are  good  reasons  for 
most  of  this  to  be  out  there.  It’s  not 
out  there  because  these  are  nefarious, 
evil  people  trying  to  be  the  new  Big 
Brother.  It’s  because  this  is  truly  a  new 
engine  of  capitalism.  Where  it  gets  a 
little  creepy  is  when  they  aggregate  all 
of  this  data  together  and  have  an  ex¬ 
traordinary  profile  of  you. 

How  can  businesses  protect  their  intellec¬ 
tual  capital,  particularly  when  it’s  in  elec¬ 
tronic  form?  You  can  have  five  firewalls 
in  a  safe  room  with  the  most  current 
locks  monitored  by  24/7  motion¬ 
detecting,  IP-addressable  cameras,  and 
all  of  that  is  meaningless  if  a  16-year- 
old  kid  can  social-engineer  a  root  pass¬ 
word  out  of  you.  The  downside  to  all 
of  this  publicly  available  information 
is  that  it’s  now  a  lot  easier  to  social- 
engineer  somebody. 

Should  businesses  hire  a  company  like 
yours?  They  should  if  they  don’t  want  a 
back  door  or  a  Trojan  [horse]  on  their 
system.  A  year  ago,  a  company  called 
me  from  Hong  Kong  and  said,  “We’re 
being  extorted.  We’re  getting  e-mails 
from  an  individual  saying  if  we  don’t 
give  a  series  of  payments  through 
PayPal,  he  is  going  to  take  [our]  source 
code  and  post  it  on  the  Internet.” 

We  were  able  to  determine  who  the 
guy  was  in  24  hours.  He  was  a  14-year- 
old  kid  in  California. 

What  about  smear  campaigns  on  the 
Web?  If  you’re  a  victim,  what  should  you 
do  about  it?  You  have  to  have  zero  tol¬ 
erance.  You  have  to  find  out  who  the 
person  is,  and  you  have  to  sue  them 


within  an  inch  of  their  life,  and  you 
have  to  do  it  publicly  and  post  it  on 
your  Web  site,  talking  about  the  entire 
case  from  beginning  to  end. 

Government  databases  are  the  biggest 
repository  of  private  information.  Should 
the  public  be  concerned  about  that?  The 

scary  thing  to  me  is  not  that  informa¬ 
tion  is  open,  but  that  the  government 
is  trying  to  use  every  pretext  and 
every  trick  to  hide  information  from 
its  citizens.  That  I  think  is  much  more 
nefarious  and  will  be  much  more  det¬ 
rimental  in  the  long  run  than  having 
information  out  there. 

Some  of  the  things  the  Bush  admin¬ 
istration  is  doing  are  just  incompre¬ 
hensible.  For  example,  they’re  reclassi¬ 
fying  data  that’s  been  in  the  public  eye 
—  that  has  been  available  to  the  public 
since  1991.  Why,  I  can’t  begin  to  guess. 

Another  slippery,  slimy  thing  is  that 
the  FBI  has  signed  contracts  with  some 
private  data  providers.  Polygraphs 
[and]  background  investigations  are 
being  outsourced,  and  the  Freedom  of 
Information  Act  does  not  apply.  If  you 
say  to  the  FBI,  “I  want  the  report  that 
ChoicePoint  furnished  to  you  about 
me,”  they  say  to  you,  “Sorry,  we  can’t 
give  that  to  you.  That’s  a  private  busi¬ 
ness  record.”  This  is  really  a  fairly  sin¬ 
ister  development.  And  it’s  one  that’s 
profoundly  un-American. 

Given  the  amount  of  personal  information 
out  there  and  the  fact  that  you  aggregate 
it,  does  the  public  have  reason  to  fear 
the  misuse  of  personal  data  controlled 
by  PallTech  or  other  aggregators?  No, 
because  frankly,  we  are  more  account¬ 
able  than  the  U.S.  government.  You 
can  sue  us;  you  can  subpoena  us.  You 
can  hold  us  to  task  if  we  do  something 
improper.  Not  so  the  U.S.  government. 

Can  people  protect  their  privacy  by  creat¬ 
ing  an  anonymous  Web  presence?  If  you 

think  when  you  do  a  search  on  Google 
that  because  you’re  not  logged  in  and 
your  IP  address  is  being  assigned  from 
a  Verizon  pool  that  you’re  anonymous, 
that’s  ridiculous. 

So  where  are  we  going?  Privacy  is  dead. 
Get  over  it.  You  can’t  put  the  genie 
back  in  the  bottle. 

—  Interview  by  Robert  L.  Mitchell 


20  C0MPUTERW0RLD  OCTOBER  13,  2008 


6 

z 


00 

o 

o 

cs 

© 


lile  one  nJisL  i (krin,U 
httierftink  UhM  it-  &ttm  &$ts 
^ecufifh  of  $frhh*j  wf  rttfajsr^  }r\'ffa9f'fucfyre  ?  " 


»  Want  it  all?  There  is  a  way  to  balance  network  access  demands  and  network  security 

—  while  growing  the  network  to  meet  exploding  user  needs:  Call  Juniper. 

Juniper  Networks’  security  and  infrastructure  solutions  power  high-performance 
enterprises,  securely  linking  agency  employees,  end  users,  partners,  suppliers  — 
everyone  —  with  the  resources  they  need.  Our  new  Network  and  Security  Manager 
(NSM)  and  Unified  Access  Control  (UAC)  solutions  represent  the  industry’s  first 
integrated  security  and  infrastructure  management  and  comprehensive  access 
control  solution.  This  means  one  management  tool,  running  on  one  JUNOS®  software 
platform,  across  routing,  switching  and  security  applications.  Leverage  your  network 

—  more  securely  and  cost-effectively  —  for  greater  productivity.  The  switch  is  on  to 
comprehensive  network  security:  www.juniper.net/federal 


Juniper  _ 


d 


Net 


1.888.  JUNIPER 


OPINION 


Steven  J.  Vaughan-Nichols 

High-Performance 

Nonsense 


Solaris, 


UIZ  TIME.  Get  out  your  No.  2  computers  and 
answer  the  following  question:  For  the  fastest  and 
most  reliable  high-end  computing  for  your  enter¬ 
prise,  will  your  operating  system  be  1)  Linux,  2) 
lVMS  or  4)  Windows? 


OK,  put  your  mice  down. 
If  you  answered  Linux, 
give  yourself  10  points;  So¬ 
laris,  9  points;  OperiVMS,  8 
points;  Windows  —  pardon 
me,  what  are  you  doing  in 
this  class?  Remedial  IT  is 
down  the  hall.  Just  listen 
for  the  chorus  of  “Are  you 
sure  your  PC’s  power  cord 
is  plugged  into  the  wall 
socket?”  You  can’t  miss  it. 

Microsoft,  after  spending 
decades  paying  no  real  at¬ 
tention  to  high-performance 
computing,  wants  to  be  an 
HPC  player  with  the  release 
of  HPC  Server  2008.  Can 
you  believe  it?  Yes,  there  was 
Windows  Compute  Cluster 
Server  2003.  After  a  long 
search,  I  found  one  user. 

He  told  me,  “Updates  that 
require  reboots  are  far  too 
frequent  for  production-use 
systems,”  “Jobs  randomly 
crash,”  and  “Few  HPC  ap¬ 
plications  actually  support 
Windows  compute  nodes.” 

Will  HPC  Server  2008 
be  any  better?  I  don’t  see 
how  it  can  be,  really.  On  the 
plus  side,  it’s  built  on  top  of 
Server  2008.  To  me,  Server 
2008  is  easily  the  best 


Windows  server  operating 
system  ever.  But  a  good, 
solid  server  is  only  the 
start  for  HPC.  While  HPC 
Server  2008  has  all  the 
right  buzzwords  —  high¬ 
speed  networking  support, 
cluster  management  tools, 
advanced  fail-over  capa¬ 
bilities,  etc.  —  it  also  has 
all  of  Windows’  historical 
baggage  of  bugs  and  bloat. 

In  addition,  HPC  Server 
2008  requires  signed 
drivers.  That  means  that 
although  in  theory  it  will 
support  high-speed  net¬ 
works,  if  your  network  fab¬ 
ric  vendor  hasn’t  jumped 
through  Microsoft’s  driver 
hoops,  you  won’t  be  able 
to  use  its  products  with 
HPC  Server.  For  example, 
QLogic  has  just  started 
working  on  beta  drivers 
for  its  InfiniBand  network¬ 
ing  products. 


■  Will  HPC  Server 
2008  be  any  good? 
I  don’t  see  how  it 
can  be,  really. 


Now  take  Linux.  More 
than  80%  of  the  world’s 
fastest  supercomput¬ 
ers  already  run  Linux. 
Many  of  the  major  stock 
exchanges  are  switching 
over  to  Linux,  usually 
from  Solaris.  To  the  best 
of  my  knowledge,  the  only 
important  stock  exchange 
that  runs  Windows  is 
London’s.  You  know,  the 
one  that  crashed  for  an 
entire  day  a  few  weeks 
back.  Flops  like  that  sure 
make  me  want  to  put  my 
enterprise’s  most  impor¬ 
tant  high-speed  computing 
on  Windows.  Yes,  indeed. 

Linux,  Solaris,  OperiVMS 
and  other  high-end  operat¬ 
ing  systems  like  AIX,  HP- 
UX  and  z/OS  already  have 
tried-and-true  hardware 
support  and  working  HPC 
applications.  To  do  HPC 
right  is  always  challenging, 
but  there  are  already  many 
excellent  products  out 
there.  I  just  can’t  imagine 
trying  to  build  a  corporate 
HPC  at  this  point  on  not 
only  an  unproven  operating 
system,  but  one  that’s  based 
on  a  system  that  was  never, 


ever  meant  for  high-end 
computing. 

Despite  all  this,  I’ve 
been  reading  comparisons 
between  Windows  HPC 
and  the  just-announced 
Red  Hat  HPC  Solution, 
which  combines  Red  Hat 
Enterprise  Linux  with 
Platform  Computing’s 
Platform  Open  Cluster 
Stack  5.  The  discussion 
has  been  focusing  on  the 
license  fees.  Excuse  me? 

While  looking  at  the 
real  price  of  software  is 
always  interesting  if  you’re 
a  CIO  or  CFO  —  especially 
when  it’s  Microsoft’s  maze 
of  Enterprise  Assurance 
maintenance  agreements 
and  Client  Access  Licenses 
—  let’s  get  real.  Windows 
often  requires  you  to  re¬ 
boot  for  major  updates. 
Linux  doesn’t.  Let’s  say  you 
need  to  reboot,  as  a  matter 
of  course,  six  times  a  year 
with  Windows  HPC.  With 
Linux,  you  don’t. 

If  you  think  that  doesn’t 
sound  like  much,  think 
again.  This  is  HPC,  not 
your  PC,  and  not  your 
ordinary  server.  Six  hours 
of  downtime  in  a  year,  all 
by  itself,  is  a  major  failure 
in  HPC.  I  don’t  care  what 
kind  of  sweetheart  deal 
you’re  getting  from  Micro¬ 
soft;  there’s  no  way  you,  or 
anyone  else,  can  afford  Mi¬ 
crosoft  HPC  Server  2008.  ■ 
Steven  J.  Vaughan-Nichols 
has  been  writing  about 
technology  and  the  business 
of  technology  since  CP/M-80 
was  cutting-edge  and 
300bit/sec.  was  a  fast  Inter¬ 
net  connection  —  and  we 
liked  it!  He  can  be  reached 
at  sjvn@vnal.com. 


22  C0MPUTERW0RLD  OCTOBER  13,  2008 


Meet  BigFix,  the  most  powerful  endpoint-security  and  systems-management  super 
agent  in  history.  At  your  service.  Free,  for  30  days.  With  an  arsenal  of 

incredible  firepower  and  a  license  to  kill  deadly  end-point  cyber-threats, 
he  will  keep  your  IT  infrastructure  purring  like  an  Aston-Martin. 
Nobody  does  IT  better.  Or  faster.  With  amazing  agility,  blazing 
speed,  and  lethal  accuracy,  he's  shaken  and  stirred  agents  from 
i  LANDesk,  McAfee,  Microsoft,  and  Symantec.  Isn’t  it  about  time 
you  saw  for  yourself,  on  your  own  turf,  why  the  world  of  second- 
best  is  not  enough?  Give  him  your  most  critical  secret  mission. 

Call  him  at 
510-652-6700 
xl  1 6  or  RSVP  from 


your  eyes  only  to  www.bigfix.com/agent. 

Services  are  free  for  30  days.  After 
that,  you  won’t  want  him  him 
off  your  team.  We're  betting 
you’ll  reach  that  conclusion 
within... 007  hours. 

BIGFIX 

High  Performance  Systems 
&  Security  Management 

BIGFIX  and  its  logo  are  registered  trademarks  of  BIGFIX,  Inc. 


BRIAN  STAUFFER  ILLUSTRATION 


Telecommuting  is  back  on  workers’ 
radars  in  a  big  way  these  days,  thanks 
to  gas  prices  that  were  a  whopping 
30%  higher  this  summer  than  last. 

Telecommuter  wannabes  are  lining 
up  outside  their  bosses’  offices  with 
work-from-home  plans  in  hand,  and  many  of  them 
could  get  their  wish  this  time  around:  According  to 
WorldatWork,  an  association  of  human  resource  pro¬ 
fessionals,  40%  more  employers  are  offering  telework 
programs  this  year  than  last  year.  Should  your  IT  em¬ 
ployees  be  part  of  that  burgeoning  crowd? 


It’s  certainly  tempting 
to  say  yes.  Increasing  fuel 
costs  and  heightened  cor¬ 
porate  environmental  con¬ 
sciousness  are  magnifying 


many  of  the  benefits  of  tele¬ 
work,  including  conserving 
fuel  (and  money),  reducing 
traffic  congestion  (and  C02 
emissions),  and  reducing 


space  and  energy  use  at 
the  employer’s  facility.  Em¬ 
ployers  also  often  find  that 
they’re  better  able  to  attract 
and  retain  talented  workers 
with  the  flexibility  and  in¬ 
creased  job  satisfaction  that 
telework  programs  offer. 

All  of  that  is  driving  a 
huge  number  of  inquiries 
from  organizations  looking 
to  deploy  more  systematic, 
companywide  telework  pro¬ 
grams,  says  Josh  Holbrook, 
an  analyst  at  Yankee  Group 
Research  Inc. 

That  said,  IT  and  tele¬ 
work  don’t  have  an  unblem¬ 
ished  record  of  success.  In 


2006,  Hewlett-Packard  Co. 
ended  teleworking  arrange¬ 
ments  for  hundreds  of  its 
IT  workers.  And  early  this 
year,  Intel  Corp.  began  re¬ 
quiring  more  than  half  the 
teleworkers  in  its  IT  group 
to  report  to  the  office  at  least 
four  days  a  week.  In  both 
instances,  the  companies  in¬ 
dicated  that  teleworking  had 
had  a  negative  impact  on  IT 
employee  productivity  and 
collaboration. 

Although  a  few  reversals 
of  telework  policy  do  not 
constitute  a  trend,  those 
cases  should  caution  tech¬ 
nology  managers  who  might 


m  COVER  STORY 


otherwise  be  inclined  to  say 
OK  to  telecommuting. 

“These  instances  get  atten 
tion  because  they  cut  agai 
the  grain,”  Holbrook  say, 
“The  trend  is  overwhel 
ingly  in  the  other  direc] 

Nevertheless,  in  so 
instances,  managers  or 
whole  business  units  ha 
“gone  rogue,”  he  says,  al¬ 
lowing  employees  to  work 
from  home  without  the 
right  technology,  policies 
and  procedures  in  place. 

“It’s  very  possible  for  a  well- 
meaning  manager  to  shove 
the  employee  out  of  the 
corporate  jet  without  a  para¬ 
chute,”  Holbrook  warns. 

Some  telework  decisions 
are  fairly  obvious.  Most 
managers  wouldn’t  let  a 
new,  inexperienced  em¬ 
ployee  telework  until  he  had 
proved  himself,  for  example. 
But  there  are  other,  more 
subtle  aspects  of  a  person’s 
character  and  work  style 
and  a  company’s  culture 
that  can  make  or  break  a 
telework  arrangement. 

Computerworld  talked 
with  telework  experts  and 
IT  managers  to  discover 
some  of  these  nuances.  Be¬ 
fore  you  approve  telework, 
make  sure  you’ve  asked 


yourself  and  your  employ¬ 
ees  these  tough  questions. 


FULL-TIME 
IMUTING 
■TION? 

jobs  will  never 
lates  for  tele- 
rthe  employee  is 
"required  on-site 
to  repair  client  hardware, 
for  example  —  or  the  job 
requires  a  lot  of  communica¬ 
tion,  interaction  and  collabo¬ 
ration  with  others,  such  as 
managing  relationships  be¬ 
tween  IT  and  business  units. 

Other  times,  the  situation 
is  less  clear.  The  work  can 
be  performed  remotely,  but 
should  it  be? 

Telework  is  best  for  those 
with  task-oriented  jobs  and 
for  people  who  need  little 
face-to-face  communica 
tion,  says  Scott  Morriso 
analyst  at  Gartner  Inc. 
they  get  through  a  day’j 
work  without  leaving  t 
desk?”  he  asks.  “Then  t 
can  do  their  job  remotely.1 

But  just  because  they  can 
doesn’t  mean  they  necessar¬ 
ily  should.  The  most  success¬ 
ful  telework  arrangements 
are  those  that  still  bring  the 
worker  into  the  office  at  least 


some  of  the  time. 

Dennis  Cromwell,  as¬ 
sociate  vice  president  for 
enterprise  infrastructure 
at  Indiana  University  in 
Bloomington,  lets  10  to  12  of 
his  75  employees  telecom¬ 
mute  —  but  not  every  day. 
They  are  mostly  systems  and 
database  administrators  who 
work  alone  on  the  computer 
and  communicate  chiefly  via 
phone  and  e-mail.  The  ar¬ 
rangement  has  worked  well 
—  so  well  that  Cromwell  has 
cut  the  number  of  offices  that 
one  of  his  teams  requires 
from  six  to  two. 

Still,  because  he  wants  to 
keep  informal  communica¬ 
tion  flowing,  he  won’t  allow 
anyone  to  telework  100%  of 
the  time,  except  in  rare  cir¬ 
cumstances. 


FILL 
[FINE 
'ASURE 
(MANGE? 

iperienced 
Fess  that  you 
)lish  well-defined 
performance  measures  for 
teleworkers  and  then  judge 
performance  accordingly. 

On  the  face  of  it,  that  ap¬ 
proach  seems  simple  enough. 


For  task-oriented  jobs,  it’s 
easy  to  measure  performance 
in  terms  of  output.  For  an  IT 
support  person,  for  example, 
you  might  track  how  many 
cases  he  handled  per  day  and 
whether  problems  were  suc¬ 
cessfully  resolved. 

But  such  an  approach  im¬ 
plies  that  it  doesn’t  matter 
how  much  time  it  takes  to 
do  the  job.  And  that  raises  a 
sometimes  thorny  question: 
Are  you  paying  employees 
for  their  output,  their  time 
or  both?  Some  people  work 
faster  or  more  efficiently  than 
otl^HespecIlly  when  work¬ 
ing  from  home.  If  an  employ¬ 
ee  hits  his  output  working 
only  four  hours  a  day,  is  that 
a  win-win  situation  or  poor 
use  of  that  employee? 

“People  say  they  manage 
by  results,  but  they  also  like 
to  know  whether  the  person 
is  only  active  a  few  hours  a 
day,”  says  Eric  Spiegel,  CEO 
and  co-founder  of  software 
start-up  XTS  Inc.  In  a  previ¬ 
ous  job  as  an  IT  manager, 
Spiegel  had  bad  experiences 
allowing  staffers  to  telework. 
Members  of  his  team  were 
sometimes  unavailable  dur¬ 
ing  work  hours,  and  he  had 
trouble  scheduling  meetings. 

Continued  on  page  28 


GIVE  YOUR  DATA’S 
CONTINGENCY  PL 
ACONTINGEN 


fa , 


■mmm it 


Powerful 

Efficient, 


IBM  System  x3350  Express 


OR  $23/  MONTH  FOR  36  MONTHS1 

The  more  valuable  your  data,  the  more  you  need  to  protect  it. 
Redundancy  is  critical.  Like  in  the  IBM  System  x3350™  Express 
It  comes  with  integrated  RAID.  Can  our  competitors  say  that? 
So  if  there's  ever  an  unexpected  problem  on  one  drive,  your 
business  can  keep  running.  Because  the  data  you  need  is 
available  in  another  location.  Anytime  you  need  it.  Smart  plan. 

From  the  people  and  Business  Partners  of  IBM. 

It’s  innovation  made  easy. 


HELP  KEEP  YOUR  DATA  SAFE  AND  ACCESSIBLE. 


PN:  4192E1U _ _ _ _ 

Featuring  Intel®  Xeon®  Processor  (up  to  3.0  GHz/6  MB/1333  MHz) 

Predictive  Failure  Analysis  and  Light  Path  Diagnostics,  redundant, 
hot-swappable  power  supplies  and  fans  and  up  to  4  hard  disk  drives 

Comes  with  a  1  -year  or  3-year  customer  replaceable  unit  and  on-site 
limited  warranty2 

ion  £>* 


IBM  SYSTEM  x3650  EXPRESS 

$5,409 

OR  $139/  MONTH  FOR  36  MONTHS1 


PN:  7979EVU 
Featuring  up  to  two  Intel®  Xeon®  Processors  x5355 
Hot-swap  redundant  cooling,  power  and  hard  disk  drives  for  high  availability 
Comes  with  a  3-year  on-site  limited  warranty2  on  parts  and  labor 


IBM  SYSTEM  STORAGE 
DS3400  EXPRESS 

$4,319 

OR  $111/  MONTH  FOR  36  MONTHS' 

PN:  172641 E 


External  Disk  Storage  with  1  Gbps  Fibre  Channel  interface  technology 
Built-in  reliability  features  with  dual-redundant  power  supplies  standard 


IBM  EXPRESS  “BUNDLE  AND  SAVE” 

=  =-r  =rz=  express 

We  bundle  our  Express  systems  to  give  you  the  accessories 

advantage" 

you  need  while  saving  you  money  on  the  hardware  you  want. 

ibm.com/systems/safedata 

Act  now.  Available  through  ibm.com  and  IBM  Business  Partners. 

1  866-872-3902  (mention  6N8AH09A) 

1.  IBM  Global  Financing  offerings  are  provided  through  IBM  Credit  LLC  in  the  United  States  and  other  IBM  subsidiaries  and  divisions  worldwide  to  qualified  commercial  and  government  customers  Monthly  payments  provided  are  (or  planning 
purposes  only  and  may  vary  based  on  your  credit  and  other  factors.  Lease  offer  provided  is  based  on  an  FMV  tease  of  36  monthly  payments.  Other  restrictions  may  apply.  Rates  and  offerings  are  subject  to  change,  extension  or  withdrawal  without  notice. 

2.  IBM  hardware  products  are  manufactured  from  new  parts,  or  new  and  serviceable  used  parts.  Regardless,  our  warranty  terms  apply.  For  a  copy  of  applicable  product  warranties,  visit:  ibm.com/servers/suppon/machine_warranbes  or  write  in:  Warranty' 
Information,  P.0.  Box  12195,  RTF.  NC  27709.  Attn:  Dept.  JDJA/B203.  IBM  makes  no  representation  or  warranty  regarding  third-party  products  or  services,  including  those  designated  as  ServerProven'  or  ClusterPraven"  Telephone  support  may  be  subject 
to  additional  charges  For  on-site  labor,  IBM  will  attempt  to  diagnose  and  resolve  the  problem  remotely  before  sending  a  technician.  On-site  warranty  is  available  only  for  selected  components.  Optional  same-day  service  response  is  available  on  [select! 
systems  at  an  additional  charge. 

IBM.  the  IBM  logo,  IBM  Express  Advantage,  System  x  and  System  Storage  are  trademarks  of  International  Business  Machines  Corporation,  in  (he  United  States  and/or  other  countries.  Fof  a  complete  list  ot  IBM  trademarks,  see  www.ibm.com/lecHl/cenvtf3de.5fitiTil. 
Iniei  and  Xeon  are  registered  trademarks  ot  Intel  Corporation.  All  other  products  may  be  trademarks  or  registered  trademarks  of  their  respective  companies.  All  prices  and  savings  estimates  are  based  upon  IBM's  estimated  retail  selling  prices  as  ot  8/20/08 
Prices  and  actual  savings  may  vary  according  to  configuration.  Resellers  set  their  own  prices,  sc  reseller  prices  arid  actual  savings  to  end  users  may  vary.  Products  are  subject  to  availability  This  document  was  developed  for  offerings  in  the  United  Stales 
IBM  may  not  offer  the  products,  features,  or  services  discussed  in  this  document  in  other  countries.  Prices  are  subject  to  change  without  notice.  Starting  price  may  not  include  a  hard  drive,  operating  system  or  other  features  Contact  your  IBM  representative 
or  IBM  Business  Partner  tor  the  most  current  pricing  in  your  geographic  area.  ©2008  IBM  Corporation.  All  rights  reserved. 


m  COVER  STORY 


Continued  from  page  26 
To  avoid  such  problems,  he 
says,  you  should  decide  up¬ 
front  whether  meeting  deliv¬ 
erables  is  enough,  or  whether 
you  will  require  employees 
to  be  at  their  phone  and  com¬ 
puter  at  certain  times  and  for 
a  certain  number  of  hours. 


3  WILL  CREATIVITY 
SUFFER? 

Bey  on®  the  hours- 
vs.-output  debate, 
there’s  a  larger  ques¬ 
tion  that  pertains  particular¬ 
's  where  deliverables 
can’t  be  easily  quantified: 
Are  you  getting  the  same 
level  of  intellectual  invesl 
ment  from  your  remote 
ployees  as  you  would  if  \ 
were  in  the  office? 

In  software  design,  for^ 
example,  creative  ideas  car 
be  the  most  valuable  output. 
Should  you  measure  perfor¬ 
mance  based  on  creativity? 
Will  workers  be  more  cre¬ 
ative  at  home  —  or  less? 

Maybe  you  should  mea¬ 
sure  quality  rather  than 
quantity.  If  so,  what  con¬ 
stitutes  high  quality?  The 
answer  will  depend  on  the 
person  and  the  type  of  job. 
The  important  thing  is  to 
have  a  frank  discussion  of 
what’s  expected  —  including 
intangibles  like  creativity 
—  before  you  allow  an  em¬ 
ployee  to  telework,  with  the 
understanding  that  the  ar¬ 
rangement  could  be  changed 
if  expectations  aren’t  met. 

Today,  all  seven  of  Spie¬ 
gel’s  employees  telework. 
The  difference,  he  says,  is 


that  they  are  all  senior-level 
people  whom  he  personally 
hired.  Thanks  to  stock  op¬ 
tions  and  equity  interest, 
they  are  highly  motivated. 

As  an  added  bonus,  Spie¬ 
gel  doesn’t  need  office  space 
at  this  point  in  his  young 
company’s  development. 

Even  so,  he  advises  man¬ 
agers  to  proceed  with  cat _ 

tion.  “If  I  had  to  go  bad^Hi 
manage  a  support  teamJM 
a  Fortune  1,000  compai 
I’d  take  a  different  stand 
Spiegel  says.  “I’d  want  mfcn 
control  over  what  teleworl 
ers  are  doing.” 


LL 

K AFFECT 
RATION? 

ut  the  cul- 
ur  organiza- 
he  employee 
>ome  people  are 
naturally  creative,  innova¬ 
tive  and  inspirational,  notes 
Robert  Keefe,  president  of 
the  Society  for  Information 
Management  and  senior  vice 
president  and  CIO  at  Mueller 
Water  Products  Inc.  These 
people  stimulate  discussion 
and  generate  ideas,  and  oth¬ 
ers  like  to  work  with  them. 

“Some  people  are  like  the 
gel  that  holds  the  organiza¬ 
tion  together,”  says  Keefe. 
The  organization  would  lose 
something  if  those  people 
worked  remotely  100%  of 
the  time.  “That’s  a  very  soft 
intangible,  but  something 
that’s  often  overlooked  in 
team  dynamics,”  says  Keefe. 

Communication  is  a  re¬ 
lated  factor.  Some  companies 


are  more  reliant  than  others 
on  informal  communica¬ 
tion,  where  an  employee  just 
walks  down  the  hall  to  IT 
to  solve  a  problem  or  hash 
out  an  idea,  Holbrook  notes. 
Moving  a  key  IT  employee 
out  of  that  picture  could  up¬ 
set  that  delicate  balance. 

For  example,  Intel  relies  on 
a  high  level  of  collaboration, 
according  to  Intel  CIO  Diane 
Bryant.  The  company  found 
that  projects  were  completed 
much  more  efficiently  when 
all  the  IT  workers  were  at 
one  site  rather  than  spread 
out  over  two  or  more  sites 
—  or  in  remote  locations. 


kBOUT 
TEES  ‘LEFT 
IN  THE 


WHA 
EMPL 
BEHIN 
0FFI 

Timothy  Golden, 
HHH^BPofessor  in  the 

tool  of  Management 
&  Technology  at  Rensselaer 
Polytechnic  Institute,  pub¬ 
lished  a  study  earlier  this 
year  suggesting  that  allow¬ 
ing  some  employees  to  tele¬ 
commute  can  decrease  job 
satisfaction  for  co-workers 
who  remain  in  the  office  and 
increase  the  chances  that 
they  will  leave  the  company. 

Golden  studied  a  sample 
of  240  professional  employ¬ 
ees  from  a  midsize  compa¬ 
ny.  The  study  found  that  the 
more  people  in  the  organi¬ 
zation  who  teleworked,  the 
less  satisfied  the  officebound 
employees  were. 

There  could  be  several 
reasons  for  this,  according  to 
Golden.  First,  there  are  fewer 
opportunities  for  workers 
to  get  to  know  one  another 
which  could  impede  gooi 
working  relationships.  S 
ond,  the  officebound  woj 
may  find  themselves  be: 
to  accommodate  the  tele 
workers  —  for  instance, 
have  to  schedule  meetings 
around  when  teleworkers  are 


going  to  be  in  the  office. 

And  third,  office  workers 
may  be  more  likely  to  be 
tapped  for  certain  tasks  sim¬ 
ply  because  they  are  handy, 
whereas  the  teleworker 
is  left  undisturbed.  “The 
teleworker  may  very  well 
be  available,”  says  Golden, 
“but  they  aren’t  perceptually 
there  in  the  moment.” 

While  telework  has  gone 
smoothly  for  the  most  part 
at  Cox  Enterprises  Inc., 
that  misperception  of  avail¬ 
ability  has  been  a  problem, 
says  John  Bell,  assistant  vice 
president  of  information 
systems  engineering  at  the 
broadband  service  provider. 

“Someone  will  stop  by  an 
office,  and  the  door  is  closed 
and  the  lights  are  out,”  he 
says.  “People  think  he’s  not 
available  or  that  they  may 
be  imposing  if  they  call  him 
at  home.” 

To  combat  that  percep¬ 
tion,  Cox  has  started  requir¬ 
ing  teleworkers  to  post  their 
schedules  on  their  doors  so 
other  staff  members  know 
when  they  are  available. 

Golden  suggests  other 
ways  to  ensure  that  in-office 
employees  aren’t  inconve¬ 
nienced  by  at-home  col¬ 
leagues,  including  requiring 
all  employees  to  be  in  the 
office  at  certain  times  or  on 
certain  days;  reshuffling  re¬ 
sponsibilities  so  officebound 
employees  aren’t  dependent 
upon  remote  workers;  and 
scheduling  informal  social 
times,  separate  from  formal 
meetings,  to  reinforce  trust 
and  camaraderie  among  the 
entire  workforce. 


HAVE  AN 
IRATEGY? 

;m  counter- 
Jto  be  think- 
it  an  exit 
i  you’re  trying 
7e  a  telework  ar¬ 
rangement,  but  experts  like 


28  C0MPUTERW0RLD  OCTOBER  13,  2008 


Keefe  suggest  that  very  thing. 

Even  as  he’s  hammering 
out  details  on  how  often  an 
employee  will  need  to  come 
into  the  office,  Keefe  puts  a 
time  limit  on  the  telework¬ 
ing  arrangement.  “You  don’t 
want  to  set  a  false  expecta¬ 
tion  that  this  is  the  way  it’s 
always  going  to  be,”  he  says. 
“It’s  really  highly  dependent 
on  the  role  they  are  in  cur¬ 
rently,  and  things  change.” 

A  new  department  manag¬ 
er  may  prefer  to  have  work¬ 
ers  in  the  office,  for  example. 
Or  an  IT  consolidation  proj¬ 
ect  might  require  employees 
to  come  back  to  the  office. 

Particularly  if  the  person  is 
a  high  performer  who  might 
come  up  for  a  promotion, 
it’s  important  to  note  that  he 
might  need  to  return  to  the 
office  if  his  role  changes. 

Managers  should  also 
consider  the  possibility  that 
telework  can  become  too 


good  of  an  offer  for  some 
workers.  Strong  performers 
might  forgo  advancement, 
or  even  leave  the  company, 
in  order  to  continue  tele¬ 
working.  “It  becomes  a  life¬ 
style,”  notes  Keefe.  “I’ve  had 
a  couple  of  key  people  leave 
the  organization,  so  now  I’m 
more  cautious  about  that.” 

Ironically,  the  opposite 
situation  can  also  occur:  Em¬ 
ployees  who  pushed  for  and 
received  permission  to  tele¬ 
work  may  find  it’s  not  as  won¬ 
derful  as  they  expected.  They 
may  feel  disconnected  from 


the  workplace  and  the  office 
banter.  Rather  than  admitting 
the  mistake,  they  may  look 
for  work  in  another  office. 

In  fact,  there  is  a  higher 
degree  of  churn  among 
teleworkers  today  than  in 
the  past,  according  to  Sean 
Ryan,  an  analyst  at  IDC.  Sta¬ 
tistics  indicate  that  telework 
tends  not  to  be  a  permanent 
arrangement,  he  says.  “They 
telecommute  for  a  while  but 
then  go  back  into  the  corpo¬ 
rate  world,”  Ryan  says. 

Indeed,  research  from 
2005  published  in  the  Jour¬ 


nal  of  Management  suggests 
that  allowing  insufficiently 
screened  employees  to  work 
more  than  three  days  a  week 
outside  of  the  office  results 
in  long-term  decreases  in 
productivity  and  morale  and 
increases  in  staff  turnover. 
“They  move  on  to  jobs  where 
they  feel  more  included,” 
says  Gartner’s  Morrison. 

The  consensus  among 
managers  who  have  had  it 
both  ways  is  that  telework 
should  never  be  an  all-or- 
nothing  proposition.  And 
whether  you  ultimately  de¬ 
cide  to  allow  an  employee  to 
work  from  home  full  time, 
part  time  or  not  at  all,  your 
decision  should  be  the  result 
of  careful  consideration  of 
the  needs  of  the  worker, 
his  colleagues  and  manag¬ 
ers  and  —  most  important 
—  your  business.  ■ 

Harbert  is  a  Washington- 
based  freelance  journalist. 


Thank  you 


to  the  over  1,900  IT  associates  of  The  Capital 
Group  Companies  for  making  us  #1  in  the  2008 
Computerworld  100  Best  Places  to  Work  in  IT. 


We  are  proud  of,  and  humbled  by,  your  continued  dedication  to  excellence. 


m 


To  learn  about  career  opportunities  in  IT  with  the  Capital  Group,  we  invite  you  to  visit  capgroup.com/computer. 


capgroup.com/computer 

Attire  Equal  Opportunity  Employer 


HP  Capital  Group* 

Companies 


■  Q&A  I  MUKTI  KHAIRE 


She  Creativity 

onundrum 

You  can’t  manage  creativity, 
but  you  can  manage  jbr  it. 
Here’s  how. 


Recently,  a  two-day  collo¬ 
quium  at  Harvard  Business 
School  brought  together  busi¬ 
ness  leaders  from  innovative 
companies  such  as  Google, 

E  Ink,  Novartis  and  Ideo  to 
discuss  creativity  in  organiza¬ 
tions.  In  this  month’s  Harvard 


Business  Review,  Mukti  Khaire 
and  co-author  Teresa  M. 
Amabile  report  on  the  group’s 
conclusions.  Khaire,  an  as¬ 
sistant  professor  at  Harvard 
Business  School,  shared  some 
key  insights  with  Computer- 
world’s  Kathleen  Melymuka. 


Ingredients  for  Innovation 

Stanford  University  professor  emeritus  Jim  March  wrapped 
up  the  Harvard  Business  School  colloquium  on  creativity 
with  what  he  called  the  beginnings  of  a  theory  of  novelty.  He 
named  three  conditions  for  something  new  to  happen: 

SLACK.  Sufficient  time,  resources  and  breathing  room  for 
exploration  and  experimentation. 

HUBRIS.  The  ability,  desire  and  willingness  to  take  risks. 

' - -  -  - - —  —  —  - - 

OPTIMISM.  A  belief  that  something  better  than  the  status 

quo  is  possible  -  that  something  new  can  work. 


Why  is  creativity  suddenly 
coming  off  the  back  burner? 

When  business  is  more  dif¬ 
ficult  and  things  more  com¬ 
petitive,  everyone  is  trying 
to  run  faster  than  everyone 
else  to  get  answers,  so  you 
need  to  keep  finding  novel 
solutions  to  the  problems 
everyone  faces.  That  is  what 
makes  creativity  more  im¬ 
portant  for  managers  today. 
In  IT  particularly,  yesterday’s 
innovation  is  today’s  com¬ 
monality.  People  catch  up 
even  faster  in  IT,  and  so  there 
is  demand  for  newer  systems 
all  the  time.  And  where  IT  is 
viewed  as  a  cost  center,  it’s 
even  more  important  to  add 
the  value  expected  of  IT. 

Let’s  talk  about  some  leader¬ 
ship  priorities  in  managing  for 
creativity.  You  write  that  the 
first  is  to  draw  on  the  right 
minds.  How  does  a  manager 
find  those?  We  ’re  not  say¬ 
ing  there  are  some  people 
in  charge  of  being  creative. 
But  in  terms  of  getting  the 
right  minds,  at  the  begin¬ 
ning  it  would  be  that  you 
have  a  certain  culture  and 
incentives  that  would  draw 
the  kinds  of  people  who  are 
willing  to  take  some  risk 

—  personal  and  professional 

—  to  do  something  different. 
Then  you  want  to  not  have 
one  particular  type  of  “right 
mind”  or  one  idea  of  what 
the  right  mind  would  be.  You 
want  diverse  capabilities  and 


the  diverse  skills  they  would 
bring  to  any  problem. 

Next  comes  collaboration.  You 
talk  about  using  analogies  and 
metaphors  to  get  people  fo¬ 
cused.  When  you  are  trying 
to  achieve  something  really 
radical,  by  definition,  that 
doesn’t  exist.  So  if  people 
don’t  have  a  sense  of  where 
they  are  going,  it’s  hard  to 
rally  around  it.  That’s  where 
metaphors  and  stories  and 
analogies  work,  because  it 
gives  them  a  sense  of  what 
they’re  working  toward 
—  for  example,  “We  want 
to  build  the  Facebook  of 
knowledge  management.” 


In  I  r  pai  cu- 
larly,  yesterday’s 
innovation  is  today’s 
coi  imor  il  . 


There  was  a  lot  of  discus¬ 
sion  of  the  role  of  diversity. 

One  interesting  point  was  the 
value  of  identity  integration  to 
enhance  creativity.  Can  you 
explain?  People  are  complex 
and  identify  with  different 
roles  at  different  times  and 
in  different  contexts,  but  the 
real  punch  is  packed  when 
people  can  draw  from  each  of 
the  aspects  of  their  identity 
to  apply  diverse  perspectives 
to  a  situation.  Take  engineers 
who  are  also  designers.  If 
they  express  both  sides,  that 
Continued  on  page  33 


30  COMPUTERWORLD  OCTOBER  13,  2008 


Making  IT  work  as  one.  It's  what  sets  us  apart, 

At  Novell  we're  taking  interoperability  to  a  whole  new  level.  We  believe  every  person,  every 
partner  and  every  piece  of  your  mixed-IT  world  should  work  as  one.  Our  Enterprise  Linux, 
Security  and  Identity  Management,  Systems  Management  and  Collaboration  solutions 
easily  integrate  with  just  about  any  IT  infrastructure,  So  you  can  lower  cost,  complexity  and 
risk  on  virtually  any  platform  and  make  your  IT  work  as  one, 

www.novell.com  Novell. 

Making  IT  Work  As  One™ 


: i 


COMPUTERWORLD 

BUSINESS  INTELLIGENCE  PERSPECTIVES 


<► 

Best  Practices 

IN  BUSINESS  INTELLIGENCE 


AWARDS  PR  AM 


SPONSORED  BY: 


Cognizant 


Congratulations 
Award  Recipients! 

Business  Intelligence  Perspectives  proudly 
announced  the  results  of  this  year's  "Best  Practices 
in  Business  Intelligence"  Awards  Program.  This 
program  honors  IT  users  "Best  Practice"  case 
studies  selected  from  a  field  of  qualified  finalists. 

Honoree  Awards  Recipients  in  each  of  the  following  categories  were  recognized 
at  Business  Intelligence  Perspectives  in  Phoenix,  Arizona,  on  September  10th: 


Thank  you  to  our  "Best  Practices 
in  Business  intelligence"  Judges 
for  2008: 

•  Greg  Backhus,  Helzberg  Diamond 

•  Andrea  Ballinger,  MBA,  University  of  Illinois 

•  Heather  Havenstein,  Computerworlcf 

•  Michael  Hibbard,  RN,  MHSA, 

®  Erik  Johnson,  Sabra  Holdings 

•  Julia  King,  Computerworld 

•  Michael  Masiiiandard  Rnhm  and 

•  Matthew 

•  Henry  Morris,  IDG 

•  Eric  Piersni,  Aflt- 

•  Michael  Scarbrough, 

•  Ya:laj;PapaCirt( 

; « >  cbtf  Zimmorma 

- - 

mm 


Finalists  in  each  of  the  following  categories  are: 

Creating  an  Agile  Bl  Infrastructure 


Marriott  International,  Inc.,  Bethesda,  Maryland 

Finalists:  •  Abbott  International,  Abbott  Park,  Illinois 

•  USPS  IT  Delivery  and  Retail  Business  Systems  Portfolio,  Washington,  DC 

•  United  Network  of  Organ  Sharing,  Richmond,  Virginia 

•  USCG,  Office  of  Performance  Management  and  Decision  Support, 
Washington,  DC 


Driving  Process  Management  with  Bl 


FedEx  Services,  Collierville,  Tennessee 

Finalists:  •  New  York  City  Department  of  Information  Technology 
and  Telecommunications,  New  York,  New  York 

•  The  Salvation  Army,  USA  Western  Territory,  Long  Beach,  C 
Schneider  National  Inc.,  Greenbay,  Wisconsin 
Transportation  Security  Administration,  Arlington,  Yir 


Expediting  Information  Delivery,  Retrieval, 

- I - 1 - - - -  - . — 

USPS  IT  Delivery  and  Retail  Bi 
Washington,  DC 

Finalists:  •  Airlines  Reporting 


v..*  oJ”;  iSs-l  V  til’s r, 


Q&A  I  MIIKTI  KHAIRE  ■ 


Continued  from  page  30 
allows  for  Pixar  and  Toy  Sto¬ 
ry.  To  integrate  facets  of  both 
identities  leads  to  the  whole 
being  greater  than  the  sum  of 
its  parts.  People  do  this  a  lot 
in  daily  life,  but  we  tend  to  do 
it  at  a  more  superficial  level. 

And  at  work,  people  often  tend 
to  do  the  exact  opposite.  For 
example,  a  woman  in  IT  may  try 
to  shut  off  her  feminine  side. 

Exactly.  [I  might]  try  not  to 
bring  personal  things  —  who 
I  am  —  into  my  profession, 
but  who  I  am  may  really  have 
some  bearing  on  a  problem. 

You  also  discuss  the  need  to 
look  outside  the  organiza¬ 
tion.  Can  you  discuss  open 
source  from  the  nonsoftware 
perspective?  Essentially,  the 
meaning  of  the  term  is  “open 
collaboration  among  people 
without  a  sense  of  competi¬ 
tion.”  The  airplane  was  a 
complex  enough  innovation 
that  the  Wright  brothers 
alone  couldn’t  have  solved 
the  problems.  In  the  early 
stages  of  that  invention,  there 
were  a  lot  of  thinkers,  exactly 
like  the  open-source  people 
today,  working  on  smaller 
aspects  of  the  larger  prob¬ 
lem.  Collaboration  toward 
the  greater  goal  united  all  of 
them.  Once  the  Wright  broth¬ 
ers  recognized  the  commer¬ 
cial  and  military  potential, 
it  became  more  competitive. 
But  before  that,  it  was  very 
similar  to  what  we  see  in 
open-source  platforms  today 
—  which  only  goes  to  show 
that  this  notion  that  people 
will  contribute  freely  to  a 
particular  idea  is  not  new. 

You  note  that  as  creative  ideas 
churn  through  the  bureau¬ 
cracy,  they  tend  to  get  beaten 
into  the  shape  of  the  existing 
business  model  and  lose  their 
innovative  power.  So  where  is 
the  balance  between  diversity  of 
input  and  the  need  to  protect  an 


idea  from  being  deflated  by  di¬ 
verse  input?  I  think  it’s  a  ques¬ 
tion  of  stage.  You  start  with 
brainstorming,  a  nonjudg- 
mental  search  for  ideas.  There 
you  want  as  much  diversity 
of  input  as  possible.  At  a  later 
stage,  if  marketing  comes 
back  and  says,  “This  needs  to 
be  modified,”  if  the  need  for 
that  is  not  just  to  make  things 
easier  for  them  but  because 
of  real  consumer  feedback  to 
increase  usability,  there  is  still 
space  to  accept  that.  But  when 
there  is  browbeating  to  fit  a 
square  peg  into  a  round  hole 
because  they  just  don’t  want 
to  make  a  square  hole,  that’s  a 
problem.  So  you  need  to  have 
incentives  throughout  the  or¬ 
ganization  so  that  the  norm 
is  to  have  everybody  engaged 
in  novelty  rather  than  trying 
to  make  life  easier. 

You  write  that  innovation  will 
never  happen  unless  people 
are  motivated  to  work  at  their 
creative  peak.  How  does  an 
IT  manager  accomplish  that? 
You  need  the  right  minds 
matched  to  the  right  project, 
and  you  need  to  make  sure 
you’ve  provided  enough  of 
an  intellectual  challenge.  But 
the  intellectual  challenge  has 
to  be  matched  with  skills. 

If  it’s  too  challenging,  that’s 
frustrating.  But  if  it’s  not 
challenging  enough,  that’s 
not  stimulating  and  leads  to 
boredom  and  demotivation 
and  quick  solutions  that  are 
not  optimal.  So  you  need  to 
have  not  just  the  right  minds, 
but  also  an  understanding 
of  what  people  want  so  you 
have  the  right  incentives, 
tangible  and  also  intangible. 

That’s  asking  a  lot  of  a  manag¬ 
er.  Yes.  But  if,  as  a  manager, 
you  are  collaborative  and  col¬ 
legial,  then  you  would  know 
this  about  the  people  you 
work  with  and  would  be  able 
to  do  this  right.  Good  man¬ 
gers  do  this  automatically.  ■ 


UMUC 

COMPUTER 

INFORMATION 

TECHNOLOGY 


Design. 

Implement. 

Succeed. 


Get  the  hands-on  learning  you  need  to  succeed  as  a  systems 
administrator,  network  administrator  or  network  engineer 
with  University  of  Maryland  University  College's  (UMUC) 
information  technology  programs.  You'll  learn  how  to  design 
and  implement  network  and  security  administration  solutions 
from  industry-certified  faculty  who  work  in  the  IT  field.  And 
you'll  gain  the  knowledge  you  need  to  accelerate  your  career. 

•  Prepare  for  certification  while  pursuing  your 
bachelor's  degree 

•  Classes  conveniently  offered  online  and  on-site 

•  Scholarships,  loans  and  an  interest-free  monthly  payment 
plan  available 

•  No  SAT  required 

Enroll  now.  Call  800-888-UMUC 
or  visit  umuc.edu/start 

UMUC 

University  of  Maryland  University  College 

Copyright  ©  2008  University  of  Maryland  University  College 


OCTOBER  13, 2008  COMPUTERWORLD  33 


After  two  decades  of  significant  investment  in  IT, 
it's  clear  that  greater  spending  doesn't  necessarily 
deliver  greater  results.  Accenture’s  groundbreakin  | 
study  of  over  500  high-performance  businesses, 
as  well  as  our  hands-on  experience  with  the  world's 
leading  companies,  has  gi  en  us  pragmatic, 
real-world  insights  into  what  works,  what 
doesn't,  and  why.  Because  it's  not  how  much  you 
put  into  your  IT  that  counts.  It's  how  much  you 
get  out  of  it. 

Information  Management 

•  Business  Intelligence 

•  Portals  and  Content  Management 

•  Data  Management  and  Architecture 

Techm  gy  Consulting 

•  IT  Strategy  and  Transformatit  i 

•  IT  Workforce  Transformation 

•  Enterprise  Architecture 

•  Data  Center  Technology  and  icrations 

•  Green  IT 

•  Network  Technology 

•  Workplace  Technology  and  Collaboration 

•  Security 

•  Application  Portfolio  atimization  and  Renewal 

•  Performance  Engineering 

Systems  Integration  Consulting 

•  Enterprise  Systems- Oracle  and  SAP 

•  Industry  Solutions 

•  Functional  Solutions- CRM,  HR,  Supply  Chain,  Finance 

•  Technology  Architecture 

•  Business  Process-driven  Service-oriented 
Architecture  (SOA) 

•  Software-as-a-Service  (SaaS) 

Technology  R&D 

•  Cloud  Computing 

•  Software  Engineering 

•  Data  and  Process  Analytics 

•  Enterprise  Collaboration 

Visit  accenture.com/itconsulting 

Consulting  •  Technology  •  Outsourcing 


& 2008  Accenture.  All  rights  reserved. 


IT  Consulting  for  High  Performance 


High  performance.  Delivered. 


■  SECURITY 


38  COMPUTERWORLD  OCTOBER  13, 2008 


WHEN  THE 


Watchdog 
lUnderaog 


In  data  security,  many 
of  the  toughest  challenges 
have  nothing  to  do  with 
the  bad  guys.  By  Lisa  Vaas 


HINK  your  security 
staffers  are  trust¬ 
worthy?  Competent? 
Knowledgeable? 
Listen  to  a  security  profes¬ 
sional’s  horror  stories,  and 
you  might  think  again. 

Here’s  one  from  Kevin 
McDonald,  executive  vice 
president  at  managed 
services  provider  Alvaka 
Networks,  author  of  several 
books  on  cybersecurity  and 
a  member  of  the  AeA  tech¬ 


nology  trade  association: 

A  construction  company 
client  of  his  had  a  senior 
IT  person  who  was  also  in 
charge  of  security.  Some¬ 
how,  this  head  of  security 
convinced  the  firm’s  owner 
that  it  would  be  cheaper 
to  store  various  company 
databases  at  his  own  home, 
where  he  already  had  fiber¬ 
optic  lines  installed,  rather 
than  elsewhere  off-site. 

You  can  see  this  one  com¬ 
ing  a  mile  away:  A  conflict 
arose  between  the  employee 
and  his  employer.  Before 
you  could  say  “internal 
threat,”  the  security  worker 
was  sending  threatening 
e-mails  to  the  construction 
firm’s  customers,  telling 
them  that  he  had  their  pri¬ 
vate  information. 

The  action  “fundamen¬ 
tally  put  this  guy  out  of 
business,”  McDonald  says. 

It  took  six  months  to  shut 
down  the  rogue  employee, 
since  —  of  course  —  he 

Continued  on  page  38 


PHOTO  ©  ISTOCKPHOTO  /  MARIA  BIBIKOVA 


Enterprise 

INTELLIGENCE 
AWARDS  J 

Sponsored  by 

Teradata 


Thank  you  to  our  Enterprise 
Intelligence  Awards  Judges  for  2008: 

•  Andres  Mendes,  Special  Olympics 

•  Ben  Berry,  Oregon  Department  of  Transportation 

•  Greg  Smith,  World  Wildlife  Foundation 

•  Keith  Marks,  Medtronic,  Inc. 

•  Michael  Thomas,  Lockheed  Martin, 

Integrated  Systems  and  Solutions 

•  Nida  Davis-Roemer,  Federal  Reserve  Board 
of  Governors 

•  Bonnie  Henn-Pritchard,  BNSF  Railway 

•  David  Hammond,  Cardinal  Health  Incorporated 

•  Enzo  Micali,  TNS  Global 

•  Henry  Holcombe,  Universal  Service 
Administrative  Company 

•  Rick  Peltz,  Marcus  &  Millichap 

•  Yuri  Aguiar,  Ogilvy  &  Mather  Worldwide 


Congratulations 
Award  Recipients! 

Computerworld  proudly  announced  the  results  of  this  year’s  Enterprise 
Intelligence  Awards  Program.  This  program  honors  best  practices  in  the 
use  of  information  technology  solutions  built  on  Teradata  platforms. 

Finalists  and  Winners  in  each  of  the  following  categories  were  recognized 
at  the  Enterprise  Intelligence  Awards  ceremony  on  October  13,  2008, 
at  the  2008  Teradata  PARTNERS  User  Group  Conference  &  Expo  held 
in  Las  Vegas. 

The  Winner  and  Finalists  in  each  category  are: 

Customer  Intelligence  and  Management 

Winner:  Hallmark  Cards,  Inc.,  Kansas  City,  Missouri 

Finalist:  Cisco,  San  Jose,  California 

Finalist:  Norfolk  Southern  Corporation,  Roanoke,  Virginia 

Excellence  In  Bl  and  Analytics 

Winner:  eBay  Inc.,  San  Jose,  California 

Finalist:  Medco  Health  Solutions,  Inc.,  Franklin  Lakes,  New  Jersey 
Finalist:  Verizon  Wireless,  Basking  Ridge,  New  Jersey 

Industry  Innovation 

Winner:  Medco  Health  Solutions,  Inc.,  Franklin  Lakes,  New  Jersey 

Finalist:  GE  Rail  Services,  Chicago,  Illinois 
Finalist:  RBC  Financial  Group,  Toronto,  Ontario 

Integrated  View  of  the  Business 

Winner:  Discover  Financial  Services,  Riverwoods,  Illinois 

Finalist:  FedEx  Services,  Collierville,  Tennessee 
Finalist:  Freescale  Semiconductor,  Austin,  Texas 


■  SECURITY 


In  (  ita  security,  as  in  much 
of  IT,  the  vali  of  certifica¬ 
tions  is  often  questioned. 

“For  years  now,  people 
[have  been]  gettini  certifi- 
cat  ins  left  and  right,”  jys 
Bob  Maley,  chief  informa¬ 
tion  securit  of  for  the 

Pennsylvar  i  state  govei  - 
ment.  “They  might  have 
five  different  acronyms 
after  their  name” 

But  how  much  are 
those  ai  ually  h? 

It  depends. 

“Honestly,  in  the  certifi¬ 
cation  industry,  there  a  i 
brair  dump  sites,”  Marley 
says.  “People  can  get 
certified  without  having 
expe  ence.” 

“We  hire  guys  with  won¬ 
derful  degrees  who  are  just 
idiots,”  agrees  a  security 
vendor  who  r  quested  ano¬ 
nymity.  “We’ve  had  guys 
in  I  re  who’ve  got  degrees 
and  certifications,  and  they 
can’t  even  wire  a  network. 
They  know  the  v  rds  but 
they  don’t  know  how  to 
sing  the  song,” 

Maley  says  that  fri  i  what 


he  an  tell,  hiring  manag¬ 
ers  see  the  acronyms,  get 
impressed  and  let  extensive 
vetting  slide.  Instead,  they 
should  look  at  a  resume  and 
then  map  the  experience 
back  to  the  listed  certifica¬ 
tions,  he  says. 

That  said,  Maley  thinks 
some  security  certifica¬ 
tions  are  meaningful.  He 
would  hire  CISSPs  (C  ti¬ 
tled  Information  Systems 
Security  Professionals), 
CISAs  (Certified  Informa¬ 
tion  S\  terns  Auditors)  or 
CISMs  (Certi  ;d  Informa¬ 
tion  Security  nagers) 

-  if  he  could  afford  them, 
that  is. 

“CISSP  - 1  wish  I  could 
say  I’m  hiring  them,”  Maley 
says,  “I  can’t  pay  those 
guys  ough.” 

As  far  Cl  s  or  CISMs 
go,  Maley  says  that  CISSPs 
typically  have  those  certifi¬ 
cations,  which  reflect  what 
he  calls  built-in  experience. 
“You  can’t  get  those  unless 
you  show  you  have  that 
exf  rience,”h  says. 


Continued  from  page  36 
was  an  authorized  user. 
Only  when  the  employee 
publicly  threatened,  online, 
to  use  the  data  in  an  illicit 
manner  was  the  FBI  able  to 
enter  his  home  and  end  the 
standoff. 

This  is  a  worst-case 
scenario,  but  the  security 
sector  is  plagued  with  prob¬ 
lems,  from  bad  guys  to  bad 
buys,  weak  budgets  to  weak 
workers.  Here  are  some 
common  trouble  spots, 
along  with  tactics  for  deal¬ 
ing  with  them. 

BUNDLED  BADNESS 

At  this  moment,  some¬ 
where  in  corporate  Amer¬ 
ica,  security  staffers  are 
cursing  their  C-level  execs 
for  foisting  bundled  junk  on 
them.  Here’s  how  it  works: 
Salespeople  from  the  big  se¬ 
curity  vendors  convince  the 
execs  that  it  makes  sense 
to  buy  a  package  that  does 
desktop  antivirus,  e-mail 
security,  intrusion  detection 
and  Web  filtering,  all  for  $38 
per  seat. 

What’s  wrong  with  that 
picture?  “You’ve  commod¬ 
itized  those  critical  parts  of 
the  security  infrastructure,” 
says  the  head  of  a  security 
software  vendor  who  re¬ 
quested  anonymity.  “The 
problem  is,  the  perception 
of  C-level  execs  is  that  secu¬ 
rity  is  a  commodity  —  one 
[application]  is  the  same  as 
the  other.” 

But  no  vendor  is  good 
at  everything.  Organiza¬ 
tions  whose  executives  buy 
bundles  do  save  money. 
Unfortunately,  they  often 
get  “really  subpar  security, 
sometimes  dangerously  so,” 
says  the  head  of  security. 

So  how  do  you  convince  a 
boss  who’s  sold  on  a  bundle? 
By  getting  security  personnel 
in  on  the  decision-making 
process  early,  well  before 
there’s  money  on  the  table. 


Good  communication  and 
good  relationships  are  key. 

“I  recommend  that  security 
get  users  to  buy  into  them  as 
people,”  advises  McDonald. 
“Do  ‘lunch  and  learn’  inter¬ 
nally.  Bring  staff  in,  bring 
management  in,  and  have 
them  understand  why  the 


doubled  his  salary 
when  he  went  to 
the  private  sector. 


BOB  MALEY,  CHIEF  INFORMATION 
SECURITY  OFFICER.  COMMON¬ 
WEALTH  OF  PENNSYLVANIA 


things  you’re  saying  are  be¬ 
ing  said.” 

That  helps  security  pros 
combat  the  perception  that 
they’re  “just  in  the  way,” 
McDonald  says.  “Ask  the 
employees  and  manage¬ 
ment,  ‘So,  I  have  these 
things  I’m  being  told  I  have 
to  do  —  say,  to  secure  PCI 
information,  or  to  protect 
assets  of  the  organization, 
and  do  other  things  man¬ 
dated  by  government.  What 
would  you  do  if  you  were  in 
my  seat?’  ” 

Another  approach  is  to 
take  personalities  out  of  the 
equation.  That’s  what  the 


Pennsylvania  state  govern¬ 
ment  did.  Before  Bob  Maley 
took  on  the  job  of  chief 
information  security  officer 
there  in  late  2005,  the  state 
had  adopted  a  clear  set  of 
standards  for  selecting  secu¬ 
rity  products. 

But  Maley  had  other 
problems.  Not  being  able 
to  afford  qualified  security 
professionals  has  been  one 
of  his  biggest  challenges 
in  heading  up  cybersecu¬ 
rity  for  state  government. 

In  fact,  he  estimates  that 
there’s  a  pay  differential  of 
20%  to  100%  between  the 
public  and  private  sectors. 

“I  lost  a  gentleman  who 
doubled  his  salary  when  he 
went  to  the  private  sector,” 
Maley  says.  “For  me  to  get 
a  security  expert  in,  even  if 
I  would  take  them  up  to  the 
highest  step  in  their  pay  cat¬ 
egory,  it  doesn’t  come  close 
to  what  they  could  get  in 
the  private  sector.”  So  even 
if  Maley  snags  a  good  hire, 
he  knows  he  probably  won’t 
be  able  to  keep  him  for  the 
long  haul. 

LURE  OF  EXPERIENCE 

Maley’s  solution:  Hire 
promising  newbies  who 
are  “a  little  wet  behind  the 
ears.”  The  lure  for  them 
is  an  environment  where 
security  staffers  have  the 
chance  to  spot  cyberattacks 
as  they  hatch.  In  the  past 
six  months,  for  example,  his 
team  has  seen  three  variants 
of  the  Storm  Trojan  horse 
that  hadn’t  been  spotted 
elsewhere. 

That’s  not  surprising, 
because  Symantec  Corp.’s 
recent  Internet  Security 
Threat  Report  cited  a  shift 
toward  attacks  aimed  at 
trusted  Web  sites,  such  as 
social  networking  or  gov¬ 
ernmental  sites. 

“I’ve  got  a  team  that  has 
the  opportunity  to  fight  that 
Continued  on  page  40 


38  C0MPUTERW0RLD  OCTOBER  13,  2008 


ONSOLIDA' 


WINDOWS  SERVER  2008  WITH  HYPER-V. 

The  power  to  wrangle,  rope,  and  virtualize  the 


Like  most  IT,  you've  got  whole  herds  of  servers  that  need  virtualizing. 
But  you  don't  need  some  premium-priced  solution  to  rope  'em  in. 
Get  Windows  Server '  2008  with  the  virtualizing  power  of  Hyper-V. ' 

In  one  solution,  you  get  the  power  to  virtualize,  integrate  with  a  broad 
range  of  management  tools,  and  24/7  availability — all  fora  refreshingly 
low  TCO.  Drink  in  the  details  at  ServerUnleashed.com 


’$  Windows  Server  2008 


■  SECURITY 


Continued  from  page  38 
kind  of  stuff,  analyze  it  and 
be  on  the  leading  edge  in  the 
fight  between  the  bad  guys 
and  us,”  Maley  says. 

Recruits  get  hands-on 
experience  on  projects  that 
are  both  significant  and 
exciting,  Maley  adds.  For 
example,  in  order  to  halt 
repeated  virus  outbreaks,  a 
penetration-testing  rollout 


was  partially  automated 
with  tools  from  Core  Secu¬ 
rity  Technologies. 

Maley  also  coaches  his 
green  recruits  in  building 
their  resumes.  He  knows 
that  eventually  they’ll  leave, 
but  if  they’re  bolstering  their 
credentials,  having  fun  and 
learning  in  the  meantime, 
chances  are  they’ll  stay  that 
much  longer.  That’s  a  trick 


that  any  revenue-challenged 
organization  can  employ  to 
good  effect. 

Many  security  shops 
are  stuck  with  an  under¬ 
skilled  employee  or  a  se¬ 
curity  newbie.  If  you’re  in 
that  situation,  you’ve  got  to 
limit  the  staffer’s  potential 
to  blow  everything  up.  Do 
that  by  having  him  work  on 
less-critical  systems,  sug¬ 
gests  Anthony  Scalzitti,  a 
security  engineer  at  a  major 
security  software  company 
that  he  did  not  want  identi¬ 
fied.  For  example,  you  could 
have  the  staffer  investigate 
suspicious  log  activity  or 
intrusion-detection  system 
reports. 

Another  useful  security 
role  that  won’t  get  a  skill- 
challenged  employee  into 
trouble  is  attending  business 
meetings  to  keep  the  securi¬ 
ty  group  apprised  of  upcom¬ 
ing  projects.  Sitting  in  will 
be  educational  for  him,  and 
his  presence  at  the  meetings 
will  remind  business  people 
to  build  security  in  from 
the  design  phase  instead  of 
shoehorning  it  in  later. 

“Even  if  they  don’t  con¬ 
tribute  a  lot,  if  they’re  in 
the  meeting,  [the  other] 
people  say,  ‘Oh,  we  have 
security  here,’  and  they  feel 
obliged  to  think  about  secu¬ 
rity,”  Scalzitti  says.  “These 
are  useful  roles,  and  mis¬ 
takes  generally  don’t  impact 
business.” 

Another  sad  fact  of  life 
is  that  there  are  security 
prima  donnas  who  regard 
certain  tasks  as  unworthy  of 
their  time,  such  as  review¬ 
ing  logs  or  activity  alerts, 
doing  simple  configuration 
reviews  or  meeting  with 
other  business  groups. 

Scalzitti  says  he  has 
had  success  putting  prima 
donnas  to  work  research¬ 
ing  security  incidents  that 
appear  in  the  media.  The 
point,  he  says,  is  to  get  the 


LEGAL  NOTICE 
U.S.  POSTAL  SERVICE 

STATEMENT  OF  OWNERSHIP,  MANAGEMENT  and  CIRCULATION 
(Required  by  39  U.S.C.  3685) 

1 .  Title  of  Publication:  Computerworld 

2.  Publication  No.:  127-420 

3.  Date  of  filing:  September  26, 2008 

4.  Frequency  of  issue:  weekly,  with  combined  issues  last  week  of  June,  first  week  of 
July  and  the  last  2  weeks  of  December. 

5.  Number  of  issues  published  annually:  50 

6.  Annual  subscription  price:  $99.99 

7.  Location  of  known  office  of  publication:  One  Speen  Street,  PO  Box  91 71 , 
Framingham,  MA  01 701 -91 71  (Middlesex-Central  County). 

8.  Location  of  the  headquarters  of  general  business  offices  of  the  publishers: 
Computerworld,  One  Speen  Street,  PO  Box  9171 , 

Framingham,  MA  01 701 -91 71  (Middlesex  County). 

9.  Names  and  addresses  of  the  publisher,  editor  and  managing  editor:  Publisher, 
Matthew  Sweeney,  One  Speen  Street,  Framingham,  MA  01 701 -91 71.  Editor-in- 
Chief,  Don  Tennant,  One  Speen  Street,  Framingham,  MA  01 701 -91 71.  Managing 
Editor,  Michele  De  Filippo,  One  Speen  Street,  Framingham,  MA  01 701 -91 71. 

10.  Owner:  International  Data  Group,  1  Exeter  Plaza,  Boston,  MA  021 16-2851. 

1 1 .  Known  bondholders,  mortgages  and  other  security  holders  owning  or  holding  1  % 
or  more  of  total  amount  of  bonds,  mortgages  or  other  securities:  International  Data 
Group,  1  Exeter  Plaza,  Boston,  MA  0211 6-2851.  None 

12.  For  completion  by  nonprofit  organizations  authorized  to  mail  at  special  rates:  Not 
applicable. 

13.  Publication  Name:  Computerworld 

14.  Issue  date  for  circulation  data  below:  September  29, 2008. 

1 5.  Extent  and  nature  of  circulation: 

Actual  No. 
Average  No.  Copies  of 
Copies  Each  Single  Issue 
Issue  During  Published 
Preceding  Nearest  to 
12  Months  Filing  Date 


A.  Total  number  of  copies  printed  (net  press  run)  1 76,368  1 71 ,991 

B.  Legitimate  paid  and/or  requested  distribution 
(by  mail  and  outside  the  mail) 

1 .  Outside  county  Paid/Requested  mail  subscriptions 

stated  on  PS  Form  3541  1 73,908  1 69,839 

2.  In-county  paid/requested  mail  subscriptions 

stated  on  PS  Form  3541  0  0 

3.  Sales  through  dealers  and  carriers,  street  vendors, 

counter  sales,  and  other  non-USPS  paid  circulation  634  583 

4.  Requested  copies  distributed  by  other  mail  classes 

through  the  USPS  0  0 

C.  Total  paid  and/or  requested  circulation  1 74,542  1 70,422 

D.  Nonrequested  distribution  (by  mail  and  outside  the  mail) 

1 .  Outside  county  nonrequested  copies  stated  on  form  3541  0  0 

2.  In-county  nonrequested  copies  stated  on  form  PS  3541  0  0 

3.  Nonrequested  copies  distributed  through  the  USPS  by 

other  classes  of  mail  0  0 

4.  Nonrequested  copies  distributed  outside  the  mail  1 ,589  1 , 1 69 

E.  Total  nonrequested  distribution  (Sum  of  15d  (1),  (2),  and  (3))  0  0 

F.  Total  distribution  (Sum  of  1 5c  and  1 5e)  1 74,542  1 70,422 

G .  Copies  not  distributed  1 ,589  1 , 1 69 

H.  Total  (Sum  of  15f  and  15g)  176,131  171,591 

I.  Percent  paid  and/or  requested  circulation  (15c/15fx  100)  100%  100% 


I  certify  that  the  statements  made  by  me  above  are  correct  and  complete. 

Michelle  Fuller 

_ Distribution  Manager 


ception  of  C-level 
execs  is  that  secu¬ 
rity  is  a  commodity. 

HEAD  OF  SECURITY 

AT  A  SOFTWARE  VENDOR 


security  elitist  to  discover 
that  80%  of  incidents  are 
the  result  of  simple  oppor¬ 
tunistic  attacks. 

“In  information  security, 
there  are  so  many  opportu¬ 
nities  for  an  attacking  hack¬ 
er,”  Scalzitti  says.  Unless 
they  have  a  grudge  against 
a  particular  company,  he 
notes,  “they’re  going  to  go 
for  low-hanging  fruit.” 

Have  your  prima  donnas 
research  that  low-hanging 
fruit.  “It  may  take  some  time, 
but  they  come  to  realize  the 
basics  of  how  [bad]  things 
happen,”  Scalzitti  says. 

THE  BAD  SEED 

Finally,  back  to  our  rogue 
employee.  You  can  coach 
the  security  newbie,  tutor 
the  underskilled  and  chal¬ 
lenge  the  underpaid,  but 
dealing  with  a  true  bad 
apple  is  another  story  en¬ 
tirely.  The  only  sure  way 
to  handle  him  successfully 
is  to  not  hire  him  in  the 
first  place. 

Luckily,  many  organiza¬ 
tions  have  a  90-day  proba¬ 
tion  period  for  new  hires. 
Watch  your  new  security 
employee  closely  during 
that  time  to  determine 
whether  you  really  want 
him  on  your  team.  Most 
states  make  it  difficult  to 
dismiss  an  employee  after 
those  90  days  are  over.  So 
do  your  due  diligence  before 
extending  a  job  offer,  and  if 
your  weirdometer  begins  to 
click,  pay  attention.  ■ 

Vaas  is  a  freelance  technolo¬ 
gy  writer  and  can  be  reached 
at  lisavaas@lisavaas.com. 


40  COMPUTERWORLD  OCTOBER  13,  2008 


siness  Objects 

an  SAP  company 


RUSHED? 

!o  lei  .  Deliver  More 

Give  business  users  the  ability 
to  view  and  update  reports  from 
anywhere.  As  well  as  to  interact 
with  them  intuitively.  You’ll  not  only 
have  happier  end  users,  but  you’ll 
be  happier  too.  Fewer  reports  to 
create.  And  the  ability  to  schedule 
secure  reports  for  automatic  delivery 
day  or  night.  We're  talking  about 
Crystal  Reports”  Server  2008— 
the  reporting  solution  that  takes 
ne  rush  out  of  IT. 

jVf  Rush  me  your  30-Day,  FREE  Trial 
of  Crystal  Reports  Server  2008,  Call 
us  today!  1.888  !29.2276  Or,  visit 
www.businessobjects.com/workless 

CRYSTAL  REPORTS 

SERV  R 


■  SECURITY  MANAGER’S  JOURNAL  I  J.F.  RICE 


Trouble 

Ticket 


Patching  Program 
Still  Under  Fire 


AT  ISSUE:  Setting  up  a 
regular  patching  cycle  will 
require  buy-in  from  the 
sysadmins  who  will  do  the 
patching. 

ACTION  PLAN:  For  now, 
focus  on  getting  systems 
up  to  date,  and  stay  on 
message. 


Having  allies  on  the  business  side 
helps,  but  the  sysadmins  who  will 
do  the  work  remain  unconvinced. 


My  situa¬ 
tion  rap¬ 
idly  went 
downhill 
after  I 

started  talking  about  the 
need  to  proactively  man¬ 
age  the  vulnerabilities  on 
our  systems.  My  peers  — 
other  leaders  in  IT  at  this 
company  —  are  threatened 
by  my  open  approach  to 
change  and  by  being  put 
in  the  spotlight  by  the  new 
guy  in  charge  of  security. 
As  a  first  step  toward  re¬ 
solving  this  conflict,  I’m 
trying  to  build  alliances. 

IT  works  for  the  busi¬ 
ness,  and  the  people  in  the 
field  running  corporate 
operations  are  IT’s  cus¬ 
tomers.  I  assumed  that 
the  business  owners  have 
some  influence  over  the 
services  IT  provides  them, 
and  that  gave  me  an  open¬ 
ing.  I  figured  that  if  I  could 
convince  the  business 
managers  that  vulnerabil¬ 
ity  management  is  impor¬ 
tant  to  their  operations, 
then  perhaps  I  could  add 
their  voices  to  mine  and 
thus  gain  credibility  and 
influence. 

So  far,  I’ve  had  success 
with  this  approach.  Once  I 
talk  to  business  managers 


about  what  it  is  I’m  trying 
to  do,  they  become  sup¬ 
portive  of  the  idea  of  sta¬ 
bilizing  and  improving  the 
security  of  their  systems 
through  patching. 

The  IT  systems  ad¬ 
ministrators  and  their 
managers  are  the  people 
most  resistant  to  applying 
patches  —  and  it’s  the  sys¬ 
admins  who  would  have  to 
actually  do  the  work.  Pre¬ 
dictably,  they  are  falling 
back  on  the  old  argument 
that  patching  destabilizes 
systems  and  causes  more 
problems  than  it  solves. 

I’m  trying  to  make  them 
see  it  from  the  viewpoint 
of  a  security  manager:  Un¬ 
patched  operating  systems 
are  a  huge  security  risk  in 
any  environment. 

But  the  sysadmins  don’t 
see  why  it’s  important 
to  do  the  updates  when 
everything  already  seems 
to  be  working.  Their  atti¬ 
tude  is  that  we  haven’t  had 

■  I’m  trying 
to  make  the 
sysadmins  see 
things  from  the 
viewpoint  of  a 
security  manager. 


any  problems  yet,  so  why 
should  they  incur  extra 
work  and  operational  risk 
just  to  make  the  security 
team  happy? 

I’m  trying  to  bridge  the 
differences  in  our  perspec¬ 
tives,  but  I’m  not  having 
much  luck.  Looking  only 
at  return  on  investment, 
the  sysadmins  have  a 
pretty  solid  argument. 
There’s  no  question  that  a 
comprehensive  patching 
program  is  expensive.  You 
have  to  test  the  patches, 
and  it  seems  as  if  there’s 
always  another  one  being 
released.  Then  you  have  to 
track  down  every  machine 
that  needs  the  patch  and 
make  sure  it’s  fully  up  to 
date.  But  as  the  security 
manager,  I  have  to  look 
beyond  immediate  ROI.  A 
security  incident  could  be 
more  costly  than  an  ongo¬ 
ing  patching  program. 

PATCH  CATCH-UP 

I  feel  that  if  we  leave  our 
infrastructure  unpatched, 
our  servers  could  be 
vulnerable  to  a  breach, 
which  could  result  in 
devastating  losses.  It’s  a 
core  belief  of  mine  that  a 
mature  IT  infrastructure 
should  include  a  repeat- 


able,  ongoing  program  of 
vulnerability  remediation. 
But  explaining  that  to  sys¬ 
admins  who  don’t  want  to 
do  it  is  a  tall  order. 

Right  now,  I’m  focusing 
on  getting  all  our  systems 
up  to  date.  But  a  successful 
vulnerability  management 
program  depends  on  hav¬ 
ing  a  repeatable  process 
that  results  in  a  collection 
of  “snapshots”  of  the  over¬ 
all  security  posture  at  vari¬ 
ous  points  in  time.  These 
snapshots  tell  us  the  threat 
model  at  that  moment,  the 
protection  requirements, 
the  environment  being 
protected  and  the  state  of 
the  defensive  technology. 

A  successful  catch-up 
effort  will  give  us  our  first 
snapshot,  the  baseline. 

But  as  technology  and 
the  business  environment 
evolve,  the  technical  con¬ 
trols  that  are  part  of  this 
snapshot  will 
become  less  ef¬ 
fective.  That’s 
why  Fm  already 
thinking  ahead 
to  establishing  a 
patch  cycle. 

Gaining  allies  is  bring¬ 
ing  us  closer  to  this  goal. 
I’ll  keep  you  posted  on 
how  my  campaign  fares 
with  the  systems  adminis¬ 
trators.  ■ 

This  week’s  journal  is 
written  by  a  real  security 
manager,  “J.F.  Rice,”  whose 
name  and  employer  have 
been  disguised  for  obvious 
reasons .  Contact  him  at 
jfrice@engineer.com. 


©JOIN  in 

To  join  in  the  discussions 
about  security,  go  to 

computcrworld.cofn/ 

blogs/security. 


42  COMPUTERWORLD  OCTOBER  13, 2008 

I 


The  new  SonicWALL  NSA  240  next  generation  firewall  delivers  600  Mbps  in  network  throughput,  more  than 
three  times  the  performance  of  similarly  priced  Fortinet ,  Juniper  ,  Check  Point ,  WatchGuard  and  Cisco  devices : 

FINALLY,  THE  NEXT  GENERATION  FIREWALL  THAT  CAN  GIVE  YOU  FULL 
NETWORK  PROTECTION  WITHOUT  COMPROMISING  PERFORMANCE. 


SO  MUCH  FOR  THE  STATUS  QUO. 


The  award-winning  SonicWALL  Network 
Security  Appliance  (NSA)  Series  is  the  first 
to  use  a  Reassembly  free  Deep  Packet 
Inspection  '  (RFDPI)  engine  in  combination 
with  a  multi -core  specialized  security 
microprocessor  to  deliver  gateway  a n 1 1 - 
virus,  anti  spyware  and  intrusion  prevention 
at  gigabit  speed.  Now  you  don't  have  to 
compromise  security  in  exchange  for  network 
throughput.  Whether  you're  running  a  small 
business  or  a  complex  enterprise,  the  newly 
expanded  NSA  Series  has  the  right  solution 
for  your  network  security  needs.  In  addition 
to  the  enterprise  ready  E-Class  NSA  Series, 
SonicWALL  is  introducing  the  new  NSA  240  for 
branch  offices  and  the  SMB.  The  NSA  Series 
has  the  enterprise-class  features  you'd 
expect  including  Application  Firewall, 
state  sync,  and  single  sign-on.  And  it 
combines  with  the  SonicWALL  Global 
Management  System  to  centrally  manage 
thousands  of  appliances.  Reliable,  multi¬ 
functional  threat  protection  now  comes  in  one 
powerful  package,  making  it  your  best  path 
to  combat  viruses,  spyware  and  intrusions. 
Learn  more  about  our  full  line  of  SonicWALL 
NSA  solutions  at  www.sonicwall.com/fast 
or  call  1.888.557.6642 


r.  1 


SONICWALL 


c 

Security 


PROTECTION  AT  THE  SPEED  OF  BUSINESS 


1 2008,  S©nicWALL,  Inc,  SonteWAbL.  and'  the  Sonic  WAIL  lotjo-ai’e  regijrei-ea'ti'aOemaTkstff  SonitWALLLliic. 

Other  produc  t  names  mentioned  herein  ‘may  be  trademark's'  and/or  registered  trademarks  of  their  respective  companies 
Performance  achieved  leveraging  SorricWALLs  RFDPI  engine  and  multi-core  specialized  Security  processor. 

■  ■  v  n  ■  ,Vn  ..  .  d  Fortinet  PC  10( IA  Jui  ipei  :  >! >G  20  I  xtended  Check  Point  IJ I M  lEdge, 

WatchGuaicl  F  i rebox  Xnne .  and  Cisco  ASA  S505  For  more  details  see  www.SOnicwail.com/faSt 


OPINION 


Paul  G  len 

ExperHce:  What’s 

It  Really  Worth? 


MANAGERS  SEEM  to  have  mixed  feelings  about 
experience,  but  you  wouldn’t  know  it  from  read¬ 
ing  a  typical  job  advertisement. 

Most  of  them  read  like  a  laundry  list  of  re¬ 
quired  educational  experience,  managerial  experience,  specif¬ 
ic  technical  experience,  project  role  experience,  industry  ex¬ 
perience,  business  application  experience,  and  on  and  on  and 
on.  This  experience  thing  must  be  amazingly  powerful.  Time 
served  must  be  a  measure  of  something  really  important. 


But  if  experience  is  at 
such  a  premium,  why  are 
there  so  many  articles 
about  how  hard  it  is  for 
older  IT  workers  to  find  a 
job?  Wouldn’t  you  think 
that  someone  with  35  years 
in  IT  would  be  fighting  off 
suitors,  and  fresh  gradu¬ 
ates  would  be  offering  their 
services  free  of  charge  in 
order  to  obtain  a  dose  of 
this  golden  elixir? 

Why  don’t  recruiters  ad¬ 
vertise  in  A  ARP  magazine 
rather  than  throwing  parties 
on  Ivy  League  campuses? 

The  love-hate  relation¬ 
ship  managers  have  with 
experience  seems  to  be 
based  on  their  acceptance 
of  four  questionable  and 
incompatible  premises: 

1.  Experience  implies 
knowledge.  The  obvious 
reason  to  look  for  people 
with  experience  is  that 
managers  are  often  risk- 
averse  and  believe  that 
hiring  someone  with  ex¬ 


perience  is  safer  than  hir¬ 
ing  someone  without  it.  If 
you’ve  done  this  exact  job 
three  times  before,  then 
you  must  know  how  to  do 
it  by  now. 

2.  Experience  implies  rigid¬ 
ity.  While  managers  appar¬ 
ently  think  that  some  expe¬ 
rience  is  a  good  thing,  they 
also  seem  to  assume  that 
too  much  of  a  good  thing  is 
not  so  good.  If  you  have  too 
much  experience  with  the 
same  role,  technology  or 
type  of  project,  something 
must  be  wrong  with  you. 
You  must  be  stuck  in  your 
ways;  you  must  have  be¬ 
come  inflexible. 

■  My  own  experi¬ 
ence  has  taught 
me  that  most 
people  don’t  really 
absorb  the  lessons 
that  their  experi¬ 
ence  offers. 


3.  Youth  implies  creativ¬ 
ity.  In  many  cases,  we  love 
to  hire  young  people  pre¬ 
cisely  because  of  their  lack 
of  experience.  They  are 
not  set  in  the  old  ways  and 
are  free  to  come  up  with 
new  ideas  and  approaches 
that  people  with  experi¬ 
ence  might  never  consider. 
They  are  a  breath  of  fresh 
air  to  clean  out  the  stale, 
old  smell  of  experience. 

4.  Youth  implies  drive. 
And  finally,  we  love  to 
hire  the  young  because 
they  have  so  much  energy 
and  ambition.  They  are 
dying  to  go  out  and  make 
something  of  themselves, 
to  climb  mountains  and 
explore  new  horizons.  Ex¬ 
perience  hasn’t  yet  taught 
them  about  the  futilities  of 
work  and  the  frustrations 
of  life.  They  are  not  yet 
beaten  down  and  resigned. 

All  of  these  assumptions 
presume  that  experience 
is  either  a  great  teacher  or 


a  cruel  one.  But  the  truth 
is  that  experience  doesn’t 
assure  knowledge  or  rigid¬ 
ity  any  more  than  youth 
assures  creativity  or  drive. 
Passing  through  school 
can’t  guarantee  that  a  stu¬ 
dent  has  learned,  only  that 
she  has  had  a  chance  to  do 
so.  Learning  is  ultimately 
up  to  the  student.  Simi¬ 
larly,  experience  implies 
only  that  someone  has  had 
the  opportunity  to  learn, 
not  that  she  has  actually 
learned  anything. 

My  own  experience  has 
taught  me  that  most  people 
don’t  really  absorb  the  les¬ 
sons  that  their  experience 
offers.  In  one  sense,  they 
haven’t  so  much  gained 
experience  as  they  have 
had  things  happen  to  them. 
They  become  neither 
knowledgeable  nor  jaded. 
They  haven’t  processed 
the  ideas  or  compared  real- 
world  happenings  with 
their  theories  of  how  the 
world  works.  Without  this 
processing,  experience  isn’t 
really  a  great  teacher  or  a 
cruel  one;  it’s  only  a  way  to 
mark  the  passage  of  time. 

If  you  really  want  to 
make  use  of  someone’s 
experience,  or  of  your 
own,  find  a  way  to  gauge 
not  how  much  time  has 
passed,  but  how  much  of 
that  experience  has  been 
turned  into  wisdom.  ■ 

Paul  Olen  is  the  founder  of 
the  GeekLeaders.com  Web 
community  and  author  of 
the  award-winning  book 
Leading  Geeks:  How  to 
Manage  and  Lead  People 
Who  Deliver  Technology 
(Jossey-Bass,  2003).  Contact 
him  at  info@paulglen.com. 


44  COMPUTERWORLD  OCTOBER  13,  2008 


r 


You  No  Longer  Have  To 

Many  businesses  limit  their  options  when  it  comes 
to  networking.  But  with  HP  ProCurve,  you  can  open 
a  whole  new  range  of  possibilities.  With  secure  and 
reliable  solutions  that  adapt  to  the  changing  needs 
of  your  organization,  you  now  have  the  opportunity  to 
optimize  your  network  for  business  results. 


Network  of  Choice 

You  have  a  choice  at  ProCurve.com/Choice 


ProCurve 

Networking  by  HP 


©  2008  Hewlett  Packard  Development  Company,  L.P. 


MARKETPLACE 


Terabytes  of  Text 


Desktop  with  Spider 

Network  with  Spider 

publish  for  CD/DVDs 
Web  with  Spider 
Engine  fO'M"  8  N6T 
Engine  forlmu* 


♦  dozens  of  indexed, 
unindexed,  fielded  data 
and  full-text  search 
options  (including 
Unicode  support  for 
hundreds  of 

international  languages) 

♦  file  parsers  /  converters 
for  hit-highlighted 
display  of  all  popular 
file  types 

♦  Spider  supports  static 
and  dynamic  web  data; 
highlights  hits  while 
displaying  links, 
formatting  and  images^ 
intact 

!♦  API  supports  .NET  C++* 
Java,  databases,  etc. 
New.NET  Spider  API 


The  Smart  Choice  for  Text  Retrieval®  since  1991 


]  ♦  "Bottom  line;  dtSearch  manages  a  terabyte  of  text  in  a 
single  index  and  returns  results  in  less  than  a  second" 

I  -  InfoWorld 

[♦  "For  combing  through  large  amounts  of  data,"  dtSearch 
"leads  the  market"  -  Network  Computing 

\  ♦  dtSearch  "covers  all  data  sources  ...  powerful  Web-based 
engines"  -eWEEK 

♦  dtSearch  "searches  at  blazing  speeds"  -  Computer  Reseller 
News  Test  Center 

See  www.dtsearch.com  for  hundreds  more  reviews, 
and  hundreds  of  developer  case  studies 


Contact  dtSearch  for  fully-fuhctional  evaluations  t 

1-800- IT- FINDS  •~www.dtsearch.com 


Your  message  works  in  the  Marketplace  section! 


To  advertise,  call  212-655-5220  or  email  temerson@ven.com 


MicroGoose 


fH3  £  Built-in  Web  Interface 
m  I  Temperature  &  Humidify 

Power  over  Ethernet  Enabled 
pq  i  E-mail  Alarms  &  Escalations 
jj  |  SNMP,  XML,  HTTP,  HTTPS 
1  Optional  IP  Web  Cams 


liitroGoose 

*  ■>  '  4  _ 


Receive  our  FREE  BOOK  by  emailinq 

us  at  FreeBook@ITWatchDogs.com 

with  your  mailing  address  or  call  us 
at  512-  57-1462 


Server  Room 
Cumate  &  Power 
Monitoring 


■*•*■** 


Imagine  getting  as  many  leads  as  you  need,  at 
the  right  price.  All  qualified.  All  interested.  No  risk. 
VentureDirect.  Worldwide  makes  that  happen  for  our 
clients  every  day  using  search  engines  and  online 
affiliates.  You  pay  only  for  real  live  sales  leads. 

Our  cost  per  lead  programs  can  send  traffic  to  your 
web  site,  to  customized  web  pages  we  create,  and/ 
or  to  web  pages  with  multiple  offers.  Consumers 
and  business  professionals  complete  your  unique 
qualifying  questions/form;  producing  leads  in  real 
time,  at  a  fixed  cost. 

I  If  you  are  a  national  or  international 
marketer,  and  require  highly 
\  qualified  sales  leads,  call  today 

212-655-5123 

or  email 

rbatimer@ven.com 

vfer 


4®? 

VtNTUREDind 

WORLDWIDE 

www.venturedirect.com 


COMPUTERWORLD  October  13,  2008 


PAGE  COMPILED  BY  JAMIE  ECKLE. 


Career 

Watch 

■  Q&A 

Cheryl  Cran 

■  Control  Freak 

Revolution  and  pres¬ 
at  Work  Inc.  explains  why 

she  believes  control  freaks 
can  make  the  best  leaders. 


“Control  freak”  is  a  pe¬ 
jorative  in  the  English 
language.  How  do  you 
see  this  character  trait 
as  a  positive?  You  are  right. 
“Control  freak”  has  always  been 
used  in  negative  terms.  I  say 
that  there  are  positive  elements 
to  being  a  control  freak.  Typi¬ 
cally.  control  freaks  want  order, 
consistency  and  perfection. 
Their  behavior  is  negative  only 
when  they  insist  everyone  be 
just  like  them. 

I  am  encouraging  control 
freaks  to  shift  to  positive  ways 
to  use  control. 

Surely  no  one  wants  a 
control  freak  as  a  boss. 

Actually,  employees  prefer  to 
work  for  someone  who  has  a 
clear  vision,  goals  and  purpose. 
Control  freaks  have  all  of  these 
things.  When  control  freaks  learn 
to  focus  on  balanced  control, 
they  are  well  respected.  Give 
me  a  control  freak  boss  over  a 


wishy-washy  wimp  any  day. 

What  does  it  take  to 
become  a  “good”  sort 
of  control  freak?  To  be 

a  “funky”  control  freak,  the 
person  needs  to  be  highly 
self-aware.  They  need  to  catch 
themselves  when  they  exhibit 
negative  and  destructive  be¬ 
haviors.  They  need  to  be  other- 
focused  vs.  self-focused.  They 
need  to  be  self-revealing  about 
their  “control  freakness.” 

Are  you  a  control  freak 
yourself?  I  am  a  recovering 
control  freak!  I  used  to  be  the 
type  of  leader  who  had  to  over¬ 
control.  This  only  got  me  so  far 
in  my  career.  I  had  a  couple  of 
great  bosses  who  bluntly  told  me 
I  would  not  get  to  the  executive 
level  without  changing  my  be¬ 
havior.  They  were  right  -  my  suc¬ 
cess  skyrocketed  when  I  sought 
coaching  to  help  me  change. 

-  JAMIE  ECKLE 


ALL  WORKERS  35.4  38.3  40.8 


Women 


White  (non-Hispanic)  35.9  39.1  42.4  44.2 


Black 

33.3 

36.4 

38.7 

39.8 

Asian 

35.3 

37.0 

40.6 

42.9 

SOURCE:  U.S.  BUREAU  OF  LABOR  STATISTICS 


Tracking  the  Cla 


TEN  YEARS  AFTER  gradua 
tion,  members  of  the  class  of  1993 
with  a  degree  in  computer  science 
had  been  at  the  same  job  an  aver¬ 
age  of  about  six  years.  That’s  lon¬ 
ger  than  any  of  the  other  categories 
of  degree-holders  that  were  looked 
at  in  a  study  produced  by  the  U.S. 
Department  of  Education’s  National 
Center  for  Education  Statistics. 

The  results  were  reported  in  the 
summer  2008  issue  of  the  Bureau 
of  Labor  Statistics’  Occupational 
Outlook  Quarterly. 

The  study  also  found  that  those 
with  a  computer  science  degree 
were  more  likely  to  be  employed 
both  in  1994,  one  year  after  gradu¬ 
ation,  and  in  2003, 10  years  after 
graduation.  In  both  years,  their 


salaries  were  above  the  average 
for  the  study,  but  the  computer 
science  group  constituted  just 
2%  of  all  undergraduate  degree 
recipients  in  1993.  Those  with 
degrees  in  arts  and  humanities 
were  making  the  least  one  year 
after  graduation  ($25,000),  and 
those  with  education  degrees 
were  at  the  bottom  of  the  salary 
rankings  10  years  after  graduation 
($43,800). 

One  year  out  of  school,  those 
with  degrees  in  health,  engineer¬ 
ing,  and  business  and  manage¬ 
ment  were  all  making  more  than 
those  with  computer  science 
degrees,  but  10  years  after  collect¬ 
ing  the  sheepskin,  only  engineers 
had  a  higher  salary  average. 


Average  earnings  (in  constant  2003  dollars)  of  1993 
bachelor’s  degree  recipients  employed  full  time: 


1994 

Computer  science  $33,400 

■■H 

Ail  degree-holders  $30,800 

$60,600 

THE  REPLACEMENTS 

nra  sew  ;  era  sex* 

WxLaajHP  they  expect  their  j  VmAmMP  companies 
replacements  to  be  from  within  !  have  a  formal  succession  plan 
their  companies’ ranks.  !  in  place  for  the  CIO  position. 

SOURCE:  CDW  IT  MONITOR  SURVEY  OF  1.000  IT  DECISION-MAKERS.  JUNE  2000 


OCTOBER  13, 2008  COMPUTERWORLD  47 


IT  careers 


Sogeti  USA  LLC,  an  IT 
Consulting  Co.  HQ  in  Dayton, 
OH,  currently  seeks  IT 
professionals  to  fill  Consultant 
positions  located  nationwide. 
Specific  skill  sets  needed 
include: 

•  Web  Development  - 

Job  #010  (send  mail  to: 

Sogeti-1 008-job0 1 0@sogeti.  net) 

•  Business  Intelligence  - 

Job  #020  (send  mail  to: 

Sogeti- 1 008-job020@sogeti  .net) 

•  Database  Services  - 

Job  #030  (send  mail  to: 

Sogeti- 1 008-job030@sogeti  .net) 

•  CRM  Consultants  - 

Job  #040  (send  mail  to: 

Sogeti-1 008-job040@sogeti.net) 

•  Testing  &  QA  Analysts  - 

Job  #060  (send  mail  to: 

Sogeti-1 008-job060@sogeti.net) 

•  Network  Services 

Job  #070  (send  mail  to: 

Sogeti-1008-job070@sogeti.net) 

•  ERP  Consultants 

Job  #080  (send  mail  to: 

Sogeti-1 008-job080@sogeti .  net) 

•  PLM  Consultants  - 

Job  #090  (send  mail  to: 

Sogeti-1008-job090@sogeti.net) 

•  Mainframe  Developers  - 

Job  #100  (send  mail  to: 

Sogeti-1 008-jobl  00@sogeti.net) 

•  Business  Analysts 

Job  #110  (send  mail  to: 

Sogeti-1 008-job  11  O@sogeti.net) 

•  Project  Managers 

Job  #120  (send  mail  to: 

Sogeti-1 008-jobl  20@sogeti.net) 

FOR  CONSIDERATION,  YOU 
MUST  (1)  SEND  EMAIL 
W  /  RESUME  TO  EACH 
APPLICABLE  EMAIL  ADDRESS, 
AND  (2)  HAVE  AUTHORITY  TO 
WORK  PERMANENTLY  IN 
U.S.  Entry  through  Sr.  level 
positions  available.  Competitive 
salaries.  Must  be  willing  to  travel/ 
relocate. 


Thermal  Wave  (Ferndale,  Ml) 
seeks  electrical  engineer.  Design 
software  for  thermal  non¬ 
destructive  testing  using  C/C++. 
Develop  real-time  signal 
processing  algorithms  combining 
2-D  image  processing  with 
adaptive  filter  methods.  Req  MS/ 
BS+5yr  exp.  Send  resumes  to 
hr@thermaiwave.com. 

Saras  America  seeks  Systems 
Analyst,  Programmer,  Software 
Engineer,  DBA.  Job  duties/tools 
vary  depending  on  position  (SAP, 
Oracle,  Unix,  VB.Net,  J2EE,  Java, 
WebSphere/WebLogic,  C/C++,  etc). 
MS  or  BS  with  1-5yr  exp.  Travel 
required.  Send  resume  to: 
hr@SarasAmerica.com. 


Innowave  Technology,  LLC  is 
seeking  a  Sr.  Software 
Consultant,  Oracle  E-business  for 
their  office  in  Irvine,  CA. 
Bachelor's  in  business,  finance, 
accounting  or  related  field  and  5 
years  of  work  exp.,  in  job  or 
related  field.  Salaried/full  time 
position.  Please  email  resume 
and  salary  requirements  to 
mkamath@innowavetech.com .  For 
details  job  duties  about  this  & 
other  job  opportunities,  please 
visit  www.innowavetech.com 
for  inquires  call  949-223-6425 


Computer 

RCG  Information  Technology, 
Inc.  an  industry  leader,  we  are 
able  to  provide  our  people  with 
the  kind  of  work  environment 
others  can't  match.  We  are 
looking  for  the  following  IT 
professionals  with  >1  year 
experience,  for  our  New  York, 
New  Jersey,  Illinois,  and 
Pennsylvania  offices. 

Programmer/Analyst;  Systems 
Analyst;  Database  Adm.; 
Database  Analyst;  Lan/Wan 
Adm.;  Software  Engineer;  Web 
Developer;  Data  Warehousing 
Architect;  Business  Analyst; 
Solutions  Sales  Execs;  QA/ 
Tester;  QA  Analyst;  Technical 
Recruiter 

Needed  skill  sets: 

Client/Server,  ERP-SAP,  Oracle, 
PeopleSoft,  Internet,  E- 
Commerce,  Mid-Range,  AS/400, 
CRM-Siebel,  Data  Modeling 

Please  e-mail  your  resume  to: 
rirjobpost@rcgit.com  referencing 
Job  Code:  PrintAdCW.  We  are 
an  Equal  Opportunity  Employer. 
M/F/D/V 


Applications  Developer  in  Dallas; 
develop,  test  &  install  3-tier 
Window-based  apps.;  customize 
&  enhance  databases;  software 
integration;  BS-Comp.  Sci.,  Eng. 
or  related  +  2yrs  exper.  w /  3-tier 
Windows  apps.,  SQL  Server, 
Visual  Basic  6.0,  Sage  MAS  500 
and  IIS.  Send  resume  and  salary 
req’ts  to: 

Management  Information  Systems,  Inc. 
Deborah  Walpole 
5310  Harvest  Hill,  Ste.  200 
Dallas,  TX  75230 
Attn:  LC2008-001 


ShellSoft  seeks  IT  professionals 
(DBA,  system  analysts,  software 
engineers),  project  engineers 
using  Oracle,  SAP,  SQL,  Java, 
C/C  +  +  .  Require  MS/BS 
with  IT  experience.  Some 
positions  require  travel.  Please 
send  resume  to 
jobs@shellsoftinc.com.  EOE. 

Advanced  Technology  Group 
seeks  programmers  analysts, 
DBA,  system  administrator, 
software  engineers  to  design 
applications  using  Java,  Oracle, 
SQL,  HTML,  JSP,  VB,  EJB. 
Min.  MS/BS+1-5yr  exp.  Job  sites 
various.  Send  resume  to 
info@atgusainc.com.  EOE 


Software  Project  Manager  w / 
Masters  or  foreign  equiv  in  CS  or 
Comp  Applies  or  Engg  &  1  yr 
exp.  Manage,  organize,  direct, 
coord,  dvlp  &  implmt  projects 
using  People  Soft  Applies  &  web 
technologies;  Dsgn,  dvlp  &  test 
ERP  applies  using  OOA&D 
techniques,  SDLC  principles  &  SI 
ware  Dsgn  Patterns.  Dvlp, 
maintain  &  track  project  plans 
using  MS  Project,  Informatica, 
DB2,  Oracle,  Stat,  Mercury 
Quality  Center,  Win  &  Linux. 
Supv  3  Consultants.  1  yr 
exp  as  Team  Leader-Projects 
acceptable.  Mail  res  to:  Jean 
Martin,  Inc.,  551  5th  Ave.,  14th 
Fir,  NY,  NY  10176.  Job  Loc:  NYC 
or  in  any  unanticipated  Iocs  in  the 
U.S.A. 


Software  Architect,  R  &  D 
Eng.,  exp.  required.  Send 
resume  to  V.  Godwin, 
ABB  Inc.,  940  Main 
Campus  Dr.,  Ste.  300, 
Raleigh,  NC  27606.  Must 
ref  job  code  US2016. 


C0HPIITERW9RLB 

Law  Firms 
IT  Consultants 
Staffing 
Agencies 

Are  you 
frequently 
placing  legal  or 
immigration 
advertisements? 


Let  us 
help  you 
put  together 
a  cost  effective 
program  that 
will  make  this 
time-consuming 
task  a  little 
easier. 


Contact  us  at: 

800.762.2977 


it  careers 


Co-Branded 

EMAIL 

BLASTS 


Reach  your  target  audience 
of  professional  IT  job  seek¬ 
ers  with  Computerworld’s 
Co-Branded  Email  Blasts. 
This  unique  program  allows 
you  to  choose  your  criteria 
of  100%  opt-in  subscribers 
by  geography,  company 
size,  job  title  and  industry. 

Call  Dawn  Cora  at 
800-762-2977  for  details! 

COMPUTERWQRLD 


COMPUTERWQRLD  OCTOBER  13,  2008 


T 


Shamank 

TRUE  TALES  OF  IT  LIFE  AS  TOLD  TO  SHARKY 


No  Change 

User  can’t  get  her  new 
company-issued  laptop  to 
work  at  home  -  moving  the 
network  cable  from  her  home 
PC  to  the  laptop  doesn’t  get 
her  an  IP  address,  and  the 
company  help  desk  can’t 
figure  it  out.  So  this  pilot  fish 
who’s  the  webmaster  for  the 
user’s  department  offers  to 
stop  by  her  home  to  take  a 
look.  “Turned  out  the  cable 
company  has  a  ‘security’  fea¬ 
ture  that  allows  only  one  de¬ 
vice  to  receive  an  IP  address, 
either  one  computer  or  one 
router,”  says  fish.  A  router 
isn’t  in  the  budget,  so  fish  just 
changes  the  laptop’s  MAC 
address  to  match  the  PC’s, 
and  it  works.  Flash  forward 
several  months:  IT  reloads 


Windows  on  user’s  laptop  to 
fix  a  problem,  and  again  the 
laptop  won’t  work  at  home. 
User  calls  fish,  who  suggests 
that  she  write  down  the  MAC 
address  from  her  home  PC 
and  have  IT  change  the  lap¬ 
top’s  to  match.  “Next  day,  she 
steps  into  my  office,  obviously 
frustrated,”  fish  says.  “Two 
of  our  IT  staffers  explained  to 
her  that  the  MAC  address  is 
hard-coded  into  the  laptop,  so 
there’s  no  way  to  change  it. 

I  suggest  that  she  ask  them 
why  I  could  change  the  MAC 
address  but  they  can’t.  She 
calls  me  back  a  little  while 
later  to  tell  me  that  IT  figured 
out  how  to  ‘override’  the  MAC 
address.  But  they  still  insist 
it  cannot  be  ‘changed.’  I  love 
semantics . . .” 


The  Best  Defense 

Flash  back  to  2000:  Develop¬ 
er  pilot  fish  and  his  team  talk 
with  his  company’s  telecom 
group  about  developing  a  pro¬ 
gram  that  could  do  a  denial- 
of-service  attack  on  anyone 
attacking  a  company  server. 
“We  mentioned  it  to  Audit, 
since  they  normally  do  a  test 
on  the  servers,  and  they  be¬ 
lieved  we  had  already  written 
it,”  says  fish.  “For  the  past 
eight  years,  whenever  they 
do  an  audit  and  do  not  follow 
the  rules,  we  offer  to  test  the 
counterstrike  program.  They 
immediately  back  down  and 
stop  the  test.  Slight  problem: 
We’ve  never  developed  the 
program,”  fish  says.  “But 
people  don’t  know  that.  I  sup¬ 
pose  one  year  they  may  tell  us 
to  test  it.  Until  they  do,  it  will 
continue  to  do  its  job.” 

Then  Well  Test 

This  pilot  fish  sets  up  soft¬ 
ware  for  a  large  customer 
who’s  a  bit  gun-shy  when  it 
comes  to  upgrading  Java. 


“Past  Java  updates  have 
caused  problems  with  some 
of  the  customer’s  custom- 
built  applications,”  fish  says. 

“So  customer’s  management 
sends  out  a  request  for  all  of 
its  application  managers  to 
report  back  if  the  new  Java 
version  will  work  with  their 
custom  apps.  I  ask  if  I  can  get 
the  new  version  loaded  to  the 
test  servers  for  the  applica¬ 
tion  managers  to  test.  Man¬ 
agement  says  no  -  the  new 
version  is  not  to  be  released, 
even  for  testing,  until  the  ap¬ 
plication  managers  report  the  ; 
results  of  their  testing.” 

■  Report  your  true  tale  of  IT 
life  to  Sharky:  sharky@ 
computerworld.com.  You’ll 
snag  a  snazzy  Shark  shirt  if  I 
use  it.  i 

O  DO  YOU  LOVE  SHARK  TANK? 

Then  you  might  like  Shark  Bait,  too,  k 

Dive  in  and  dish  the  dirt 

with  like-minded  IT  pros. 

sharkbait.computerworld.com 

0  CHECK  OUT  Sharky's  blog,  browse  the 
.  Sharkives  and  sign  up  for  Shark  Tank  home  ■ 

deliveryatcomputerworld.com/sharky. 


■  COMPANIES 
IN  THIS  ISSUE 


Page  number  refers  to  page  on  which 
story  begins.  Company  names  can  also 
be  searched  at  computerworld.com 


Alvaka  Networks . 36 

American  Electronics 

Association . 36 

Apple  Inc . 10 

Brocade  Communications 

Systems  Inc . 10 

Bull  SA . 10 

Calgary  Unix  Users  Group . 2 

CDWCorp . 47 

ChoicePoint  Inc . 20 

Core  Security 

Technologies  Inc . 40 

Cox  Enterprises  Inc . ....28 

Cushman  &  Wakefield  Inc . 12 

Dell  Inc . 16 

ElnkCorp.... . 30 

EMC  Corp . 12,16 

Facebooklnc . 30 

FBI . 20,38 

Forrester  Research  Inc . 16 

Forward  Motion  Coaching . 2 

Foundry  Networks  Inc. . .  10 


Free  Software  Foundation . 2 

Gartner  Inc . 26 

Google  Inc . 30 

Harvard  Business  School . 30 

Hewlett-Packard  Co . 16, 24, 26 

IBM . 10 

IDC . 14,16,29 

Ideo . 30 

llluminata  Inc . 14 

Indiana  University . 26 

Intel  Corp . . . 24, 26 

Long  &  Foster 

Real  Estate  Inc . 16 

Microsoft  Corp . 16, 22 

Mueller  Water 

Products  Inc . 28 

Novartis  AG . 30 

Objective  Analysis . 12 

Oppenheimer&Co . 14 

Pallorium  Inc . 18 

PallTech  Industries  Inc . 18 

PayPal  Inc . . . 20 

Pixar  Animation  Studios  Inc. ....... .33 

Platform  Computing  Corp . 22 

QLogicCorp . 22 

Queens  Library . 14 

Red  Hat  Inc . 22 

Rensselaer  Polytechnic 

Institute . . ..28 


SAP  AG . 10 

Science  +  Computing  AG . 10 

ServiceU  Corp . 16 

Society  for  Information 

Management . 28 

Stanford  University . 30 

STECInc . 12 

Storage  Networking 

Industry  Association . 14 

Storage  Switzerland  LLC . 14 

Symantec  Corp... . 38 

Synthesis  at  Work  Inc . 47 

Teradata  Corp . . . 16 

U.S.  Bureau  of  Labor  Statistics . 47 

U.S.  Department  of  Education . 47 

Verizon  Communications  Inc . 20 

WorldatWork . . . 24 

XTSInc . 26 

Yankee  Group  Research  Inc . 24 


Accenture . 34-35 

American  Power  Conversion . 13 

Bl  Perspectives  Best  Practices  Awards  . 32 

BigFix  . 23 

Business  Objects . 41  * 

Capital  Group . 29 

CDW  Corporation . 15 

dtSearch . 46 

Enterprise  Intelligence  Awards  Program . 37 

Fujitsu  Computer  Systems  Corporation . C3 

Hewlett-Packard  ProCurve . 45 

Hewlett-Packard  Software . 19 

IBM  Express  Seller . 27 

IBM  IT Campaign . 5,7,9.11 

ITWatchDogs . 46 

Juniper  Networks . 21  * 

Microsoft  SQL  Server  2008  .  61-G3 

Microsoft  Windows  Server  2008  .  39 

Novell . 31 

SAS . C4 

SonicWAll . 43 

Sprint . 17 

University  of  Maryland . 33 

VentureDirect  Worldwide . 46 

Zurich . 1.3 


•Regional  Select 


Thi*  ladu  U  provnM  as  an  addtUout  tarries.  Tha  pirMa&ar 
doss  not  nwot  any  HaUllty  Hi  atrora  or  ocntislona. 


Periodical  postage  paid  at  Framingham.  Mass.,  and  other  mailing  offices.  Posted  under  Canadian  International  Publication  agreement  PM40063731.  CANADIAN  POSTMASTER:  Please  return  undeliverable  copy  to  PO  Box  1632,  Windsor.  Ontario  N9A  7C9.  Computerworid  (ISSN  0010- 
4841)  is  published  weekly:  except  for  a  single  combined  issue  the  first  two  weeks  of  July  and  the  last  two  weeks  of  December  by  Computerworid.  Inc..  1  Speen  Street.  Box  9171,  Framingham,  Mass.  01701-9171.  Copyright  2008  by  Computerworid  Inc.  All  rights  reserved.  Computerworid  can  be 
purchased  on  microfilm  and  microfiche  through  University  Microfilms  Inc..  300  N.  Zeeb  Road,  Ann  Arbor.  Mich.  48106.  Computerworid  is  indexed.  Back  issues,  if  available,  may  be  purchased  from  the  circulation  department.  Photocopy  rights:  permission  to  photocopy  for  internal  or  personal 

use  is  granted  by  Computerworid  Inc.  for  libraries  and  other  users  registered  with  the  Copyright  Clearance  Center  (CCC).  provided  that  the  base  fee  of  $3  per  copy  of  the  article,  plus  50  cents  per  page,  is  paid  directly  to  Copyright 
Clearance  Center.  27  Congress  St.,  Salem,  Mass.  01970.  Reprints  (minimum  100  copies)  and  permission  to  reprint  may  be  purchased  from  Erik  Eberz.  Computerworid  Reprints,  c/o  The  Y6S  Group.  Greenfield  Corporate  Center. 
1808  Colonial  Village  Lane.  Lancaster.  Pa..  17601,  (800)  290-5460.  Ext.  150.  Fax:  (717)  399-8900.  Web  site:  www.reprlntbuyer.com.  E-mail:  computerworid@theygsgroup.com.  Requests  for  missing  issues  will  be  honored  only  if 
received  within  60  days  of  issue  date.  Subscription  rates:  $5  per  copy:  U.S.  -  $99.99  per  year:  Canada  -  $130  per  year;  Central  4  So.  America.  $250  per  year;  Europe  -  $295  per  year:  all  other  countries  -  $295  per  year.  Subscrip¬ 
tions  call  toll-free  (888)  559-7327.  POSTMASTER:  Send  Form  3579  (Change  of  Address)  to  Computerworid.  PO  Box  3500.  Northbrook.  III.  60065-3500. 


4k 


■  FRANKLY  SPEAKING 


Let’s  Get  Visible 


THINK  VOLATILITY  is  confined  to  the  stock  mar¬ 
ket?  Of  course  you  don’t  —  that  wild  ride  is  now 
the  defining  theme  of  business  for  the  foreseeable 
future.  That  means  all  bets  are  off  when  it  comes  to 
IT  budgets,  IT  projects  and  how  much  cooperation  IT  will  get 
from  the  rest  of  the  business. 


Budgets?  You’ve  been 
through  this  before.  You 
knew  that  charming 
piece  of  fiction  approved 
by  upper  management 
wasn’t  likely  to  survive 
the  year  without  cuts. 
Still,  you  were  optimistic. 
And  hey,  that  budget  last¬ 
ed  all  of  two  weeks  into 
the  new  fiscal  year. 

But  now  you’ll  be  cut¬ 
ting,  and  cutting,  and  cut¬ 
ting  some  more  —  just  like 
the  rest  of  the  business. 

As  budgets  go,  so  go 
projects.  Each  of  your 
projects  has  a  business 
sponsor,  right?  But  now, 
any  project’s  sponsor 
could  disappear  at  a  mo¬ 
ment’s  notice.  That  might 
mean  the  sponsoring  ex¬ 
ecutive  had  to  cut  his  own 
budget,  and  the  project  he 
supported  no  longer  fits 
into  his  plans.  Or  the  busi¬ 
ness  sponsor  could  just 
disappear  because  he  has 
bailed  out  or  been  laid  off. 

An  empty  office  means 
no  business  sponsor  — 


and  that  means  no  project. 

And  when  it  comes 
to  cooperation,  forget  it. 
Everyone  on  the  business 
side  will  hunker  down,  run 
lean  and  hope  they  just  get 
squeezed,  not  strangled. 
The  last  thing  they’ll  think 
about  is  IT  projects. 

Maybe  that  sounds 
tempting  for  IT,  too.  But 
don’t  go  there. 

Remember,  IT  isn’t  like 
sales  or  manufacturing, 
where  results  show  up  in 
easy-to-grasp  numbers. 
Even  a  hunkered-down 
sales  force  brings  in  some 
orders,  and  a  lean-running 
plant  produces  some 
widgets.  They  still  justify 
their  scaled-back  budgets. 

But  if  IT  really  pulls 
back  from  projects,  it 
looks  like  we’ve  stopped 

■  Let’s  face  it: 
Without  projects, 

IT  is  invisible. 
That’s  not  fair, 
but  it’s  reality. 


doing  anything.  We 
haven’t,  of  course;  we’re 
still  performing  all  those 
pesky  operational  things. 
But  networks,  servers, 
phones  and  applications 
that  keep  running  —  well, 
that’s  just  background 
noise  to  users.  Sure,  they 
depend  on  them.  But  they 
don’t  notice  them. 

Let’s  face  it:  Without 
projects,  IT  is  invisible. 
That’s  not  fair,  but  it’s  real¬ 
ity.  And  especially  at  times 
like  this,  we  need  visibility. 

Then  again,  there’s 
good  visibility  and  bad 
visibility.  It  doesn’t  help  if 
top  management  sees  us 
burning  money  on  proj¬ 
ects  that  are  about  to  be 
spiked.  We  need  visibility 
doing  successful  projects. 

But  how?  The  standard 
approach  is  to  suspend  all 
projects  that  won’t  pro¬ 
duce  a  fast  return  on  in¬ 
vestment.  Trouble  is,  that 
prioritizes  projects  on 
the  basis  of  turnaround, 
not  business  value.  Quick 


hits  are  great,  but  churn¬ 
ing  out  trivial  stuff  will 
impress  no  one. 

Here’s  another  way: 
Pick  out  your  most  im¬ 
portant  projects.  Now  go 
to  each  business  sponsor 
and  ask  what  piece  of 
his  project  will  have  the 
greatest  value  if  you  can 
turn  it  around  quickly. 

That’s  right:  You’re 
carving  out  quick  little 
successes  from  big, 
impossible-to-deliver- 
soon  projects. 

But  that’s  not  all  you’re 
doing.  You’re  also  getting 
a  reality  check  on  each 
project  from  the  guy  who’s 
best  able  to  give  it  to  you. 

The  business  sponsor 
knows  his  plans.  He  can 
tell  you  if  he’s  no  longer 
able  to  support  the  proj¬ 
ect.  Or  if  it  needs  to  do 
something  different.  Or 
if  it’s  more  important 
than  ever.  Or  if  tweaking 
it  will  slash  the  schedule 
and  boost  the  payback. 

In  short,  in  the  midst 
of  all  this  volatility,  busi¬ 
ness  sponsors  can  deliver 
visibility  —  visibility 
into  the  business  that  lets 
IT  remain  visible  to  the 
business. 

And  with  that  visibility, 
IT  can  keep  delivering 
value  —  no  matter  how 
wild  things  get.  ■ 

Frank  Hayes  is  Computer- 
world’s  senior  news 
columnist.  Contact  him 
at  frank_hayes@ 
computerworld.com. 


50  C0MPUTERW0RLD  OCTOBER  13,  2008 


F  jjitsu  recommends  ii  low: ;  Vista®  Business  for  business  computing. 
Fujitsu  recommends  Windows  Vista®  Home  Premium  for  personal  computing. 


Windcw.> Vista 

Business 


Ht 


When  your  life  is  caffeinated,  you 
need  a  notebook  that  keeps  up. 


cO 

Fujitsu  gives  your  mobile  computing  a  serious  boost — from 
ultra-portables  that  won’t  weigh  you  down  to  powerful  desktop 
alternatives  and  everything  in  between  like  the  Fujitsu  Lifebook 
T5010.  With  Intel  Centrino  2  Processor  Technology  for  power, 
connectivity  and  long  battery  life,  and  with  genuine  Windows 
Vista  Business  to  stay  connected,  stay  productive,  and  stay 
away  from  the  office;  you’ll  be  hooked. 

►  See  what  Fujitsu  is  brewing. 


Connect.]  Insight 

?008- Fujitsu  Computet  Systems  Corporation.  All  rights  reserved.  Fujitsu,  the  Fujitsu  logo  and  LifeESook  are  registered  trademarks  of  F"u|itsu  Limited.  Intel,  the 
Inter  logo.  Centrino  and  Centrino  Inside  are  trademarks  of  Intel  Corporation  in  the  U  S.  and  other  countries.  MicrtisofL  Windows  and  Windows  Vista  are  registered 
trademarks  of  Microsoft  Corporation  All  other  trademarks  are  the  property  of  their  respective  owners. 


Performance 
to  go 


They  can’t  keep  up  with  the  cor  tir  uous  pro  ;ess  of  cleansing. 

But  you  can,  ith  proven  data  integration  softv  are  and  sen  ces  fr  >m  S  ^S. 

www.sas.com/o 


SAS  SOFTWARE  HELPS  COMPANIES  ACROSS  EVERY  INDUSTRY  DISCOVER  INNOVATIVE  WAYS  TO  INCREASE  PROFITS.  MANAGE  RISK  AND 


r 

SAS  Data  Integration 

L 

Visit  www.sas.com/otters  fora  free  TDWI  white  paper 

J 

.  Data  quality  and  data  profiling  •  Extraction,  transformation 

•  Connectivity  and  metadata  ar|d  loading  (ETL) 

.  Data  cleansing  and  enrichment  •  Migration  and  synchronization 

•  Data  federation  •  Master  data  management 


OPT 


THE 
POWER 
TO  KNOW, 


itfSrctfctel:*. 


